rhsa-2022_2217
Vulnerability from csaf_redhat
Published
2022-05-11 20:33
Modified
2024-12-17 21:57
Summary
Red Hat Security Advisory: Red Hat OpenShift Logging Security and Bug update Release 5.3.7

Notes

Topic
Openshift Logging Bug Fix Release (5.3.7) Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Openshift Logging Bug Fix Release (5.3.7) Security Fix(es): * kubeclient: kubeconfig parsing error can lead to MITM attacks (CVE-2022-0759) * netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136) * netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137) * netty: control chars in header names may lead to HTTP request smuggling (CVE-2021-43797) * prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Openshift Logging Bug Fix Release (5.3.7)\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Openshift Logging Bug Fix Release (5.3.7)\n\nSecurity Fix(es):\n\n* kubeclient: kubeconfig parsing error can lead to MITM attacks (CVE-2022-0759)\n\n* netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\n* netty: control chars in header names may lead to HTTP request smuggling (CVE-2021-43797)\n\n* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:2217",
        "url": "https://access.redhat.com/errata/RHSA-2022:2217"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2004133",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
      },
      {
        "category": "external",
        "summary": "2004135",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
      },
      {
        "category": "external",
        "summary": "2031958",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031958"
      },
      {
        "category": "external",
        "summary": "2045880",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880"
      },
      {
        "category": "external",
        "summary": "2058404",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058404"
      },
      {
        "category": "external",
        "summary": "LOG-2334",
        "url": "https://issues.redhat.com/browse/LOG-2334"
      },
      {
        "category": "external",
        "summary": "LOG-2450",
        "url": "https://issues.redhat.com/browse/LOG-2450"
      },
      {
        "category": "external",
        "summary": "LOG-2481",
        "url": "https://issues.redhat.com/browse/LOG-2481"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_2217.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat OpenShift Logging Security and Bug update Release 5.3.7",
    "tracking": {
      "current_release_date": "2024-12-17T21:57:22+00:00",
      "generator": {
        "date": "2024-12-17T21:57:22+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.3"
        }
      },
      "id": "RHSA-2022:2217",
      "initial_release_date": "2022-05-11T20:33:12+00:00",
      "revision_history": [
        {
          "date": "2022-05-11T20:33:12+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-05-11T20:33:12+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-17T21:57:22+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "OpenShift Logging 5.3",
                "product": {
                  "name": "OpenShift Logging 5.3",
                  "product_id": "8Base-OSE-LOGGING-5.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:logging:5.3::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
                "product": {
                  "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
                  "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.7-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
                "product": {
                  "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
                  "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.7-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
                "product": {
                  "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
                  "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-171"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
                "product": {
                  "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
                  "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-127"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
                "product": {
                  "name": "openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
                  "product_id": "openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-126"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
                "product": {
                  "name": "openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
                  "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-159"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
                "product": {
                  "name": "openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
                  "product_id": "openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-164"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
                "product": {
                  "name": "openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
                  "product_id": "openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-178"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
                "product": {
                  "name": "openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
                  "product_id": "openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-190"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
                "product": {
                  "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
                  "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.7-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
                "product": {
                  "name": "openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
                  "product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.3.7-20"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
                "product": {
                  "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
                  "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.7-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
                "product": {
                  "name": "openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
                  "product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.3.7-20"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
                "product": {
                  "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
                  "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-171"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
                "product": {
                  "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
                  "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-127"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
                "product": {
                  "name": "openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
                  "product_id": "openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-126"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
                "product": {
                  "name": "openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
                  "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-159"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
                "product": {
                  "name": "openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
                  "product_id": "openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-164"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
                "product": {
                  "name": "openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
                  "product_id": "openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-178"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
                "product": {
                  "name": "openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
                  "product_id": "openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-190"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
                "product": {
                  "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
                  "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.7-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
                "product": {
                  "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
                  "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.7-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
                "product": {
                  "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
                  "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-171"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
                "product": {
                  "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
                  "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-127"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le",
                "product": {
                  "name": "openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le",
                  "product_id": "openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-126"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
                "product": {
                  "name": "openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
                  "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-159"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
                "product": {
                  "name": "openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
                  "product_id": "openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.3.0-164"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
                "product": {
                  "name": "openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
                  "product_id": "openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-178"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
                "product": {
                  "name": "openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
                  "product_id": "openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-190"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64 as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64"
        },
        "product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le"
        },
        "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x"
        },
        "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64 as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64"
        },
        "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64 as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64"
        },
        "product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x"
        },
        "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64 as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64"
        },
        "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le"
        },
        "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64 as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64"
        },
        "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le"
        },
        "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x"
        },
        "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le"
        },
        "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64 as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64"
        },
        "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
        },
        "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le"
        },
        "product_reference": "openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64 as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64"
        },
        "product_reference": "openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x"
        },
        "product_reference": "openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x"
        },
        "product_reference": "openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le"
        },
        "product_reference": "openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64 as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64"
        },
        "product_reference": "openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x"
        },
        "product_reference": "openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64 as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64"
        },
        "product_reference": "openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le"
        },
        "product_reference": "openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64 as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64"
        },
        "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x"
        },
        "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le"
        },
        "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64 as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64"
        },
        "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x"
        },
        "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le as a component of OpenShift Logging 5.3",
          "product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
        },
        "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le",
        "relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-37136",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2021-09-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2004133"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Netty\u0027s netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In the OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack ship the vulnerable version of netty-codec package. Since the release of OCP 4.6, the Metering product has been deprecated [1], so the affected components are marked as wontfix. This may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
        ],
        "known_not_affected": [
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-37136"
        },
        {
          "category": "external",
          "summary": "RHBZ#2004133",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004133"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37136",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37136"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
        }
      ],
      "release_date": "2021-09-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-11T20:33:12+00:00",
          "details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
          "product_ids": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:2217"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty-codec: Bzip2Decoder doesn\u0027t allow setting size restrictions for decompressed data"
    },
    {
      "cve": "CVE-2021-37137",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2021-09-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2004135"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Netty\u0027s netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec package.\nSince the release of OCP 4.6, the Metering product has been deprecated [1], hence the affected components are marked as wontfix.\nThis may be fixed in the future.\n\nStarting in OCP 4.7, the elasticsearch component is shipping as a part of the OpenShift Logging product (openshift-logging/elasticsearch6-rhel8). The elasticsearch component delivered in OCP 4.6 is marked as `Out of support scope` because these versions are already under Maintenance Phase of the support.\n\n[1] https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html#ocp-4-6-metering-operator-deprecated",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
        ],
        "known_not_affected": [
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-37137"
        },
        {
          "category": "external",
          "summary": "RHBZ#2004135",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004135"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37137",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37137"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv"
        }
      ],
      "release_date": "2021-09-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-11T20:33:12+00:00",
          "details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
          "product_ids": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:2217"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty-codec: SnappyFrameDecoder doesn\u0027t restrict chunk length and may buffer skippable chunks in an unnecessary way"
    },
    {
      "cve": "CVE-2021-43797",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2021-12-09T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2031958"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Netty, specifically in the netty-codec-http package. This flaw allows unauthorized control characters at the beginning and end of a request, does not follow the specification, and can cause HTTP request smuggling.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty: control chars in header names may lead to HTTP request smuggling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of netty-codec-http package.\nSince the release of OCP 4.6, the Metering product has been deprecated, hence the affected components are marked as wontfix.\nThe openshift4/ose-logging-elasticsearch6 container is marked as Out of support scope because since the release of OCP 4.7 the logging functionality is delivered as an OpenShift Logging product and OCP 4.6 is already in the Maintenance Support phase.\nA fix was introduced in netty-codec-http version 4.1.72.Final.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
        ],
        "known_not_affected": [
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2021-43797"
        },
        {
          "category": "external",
          "summary": "RHBZ#2031958",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031958"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2021-43797",
          "url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43797",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43797"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq"
        }
      ],
      "release_date": "2021-12-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-11T20:33:12+00:00",
          "details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
          "product_ids": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:2217"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty: control chars in header names may lead to HTTP request smuggling"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Beni Paskin Cherniavsky"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2022-0759",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "discovery_date": "2022-02-15T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2058404"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in kubeclient, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate (it wrongly returns VERIFY_NONE). Ruby applications that leverage kubeclient to parse kubeconfig files are susceptible to Man-in-the-middle attacks (MITM).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kubeclient: kubeconfig parsing error can lead to MITM attacks",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64"
        ],
        "known_not_affected": [
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-0759"
        },
        {
          "category": "external",
          "summary": "RHBZ#2058404",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2058404"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-0759",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-0759"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0759",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0759"
        }
      ],
      "release_date": "2022-03-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-11T20:33:12+00:00",
          "details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
          "product_ids": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:2217"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kubeclient: kubeconfig parsing error can lead to MITM attacks"
    },
    {
      "cve": "CVE-2022-21698",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "discovery_date": "2022-01-19T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2045880"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "prometheus/client_golang: Denial of service using InstrumentHandlerCounter",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw has been rated as having a moderate impact for two main reasons. The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. Additionally, this is in alignment with upstream\u0027s (the Prometheus project) impact rating.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x"
        ],
        "known_not_affected": [
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
          "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-21698"
        },
        {
          "category": "external",
          "summary": "RHBZ#2045880",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-21698",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698"
        },
        {
          "category": "external",
          "summary": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p",
          "url": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p"
        }
      ],
      "release_date": "2022-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-05-11T20:33:12+00:00",
          "details": "For OpenShift Container Platform 4.10 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.10/release_notes/ocp-4-10-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
          "product_ids": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:2217"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:fa801c97daf5f30c6c68bc299c78482f5a2994f7b93d54d9b775fe0f1cc5adfe_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:0089e0896030fab54ec0240b388ae3e67a6abe2b3c27b44ff2044665526d916e_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:02d893b2e07191ebe687880700fcfc95dd3c951f9d19326435410115915025e0_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5c5ec8921be5842e402c3ec5521d88c8917cfd309bd1427d0ba8b3bdb9d72509_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:7b95c77ec85fb93ca74a5954462a1050b129648ae4db06bc5a2868008f8746df_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:1ee893d481fec9e96a6d6f6b16a963825d23d212e36948b24aa106e59401ff4a_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:6c5944a63df37790dd59a0c565cb9fe4d645884bcf74596ef3e2be14bd827ecc_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:b777304418cc8f2700799f61e5e3e60688919fa0978964a336176ea3c0e78701_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:38bc2e9b4fd4d2ce0cdf3762bc4b77f43b0fbd149d93688496db5cfdffac8491_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:528c2f2c78fd58cf9a2d554cc192e55463a6a17aeaaa4d3b44f4cc24deed24a6_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c619472fcc907723ff5f3755a627c149db42ecede127b48a46b2ca094d294203_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3c19ff6940372c621c40a770050f7625fbfbefbe342b51d6b756b0860b2cea8c_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:9d9cba43e0d2b61b6ab6d6d0fd50bfe61c1ff4712c3c6c45760d5144a4f34c61_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:a484145be969edf1e6558063603542825e010243606134468464bae2c833c977_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:44e9ee4182aa23780da09d18165d0beb24b36bc7d87ecee61857c271dbb26a1b_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:83363ad421eadf39294a922bdd6b670c4788458877476e5a9a64740ab50b1201_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/eventrouter-rhel8@sha256:e99b920ed1f2443739c1a1889e44ac26d735731b3ff3bab81daf64bd6c4c3179_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:78f92e6374d4e129ec45fba87d287032f737af078d03ef81533860af08c02c77_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:eaaa3996613181f425ecf9fe212d2d1a3d5e7fd52382e5ba43194bac563953f1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f53bcaacf26f778d1512628d8420629d47312f593326c0bc47d6558557dfd6ae_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:39d97c6396d3191d0cd69201f4d6f8d0c8eb76954c37cba9b0675607509f765f_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:756e05395e54f5845191c36e0c3a83fb792b94e96b9f348e491572e0b7089f14_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:b2a63d2d038aaf3091cbe4c91ab3a7050a60d5d3876e78d026bd22642cbfa2d7_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:20d4430185b838ed028e2129512998587e12e1b191bb542b6720814aac9e90ea_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:7b422a3f0ef73e52a9197381f50087ea83e853aa2982ed551ec80535ef3b9611_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:afc750662cc7cb7bc79f52d4ff1aaaa0da29b4392304982b437fa9cca75798d1_ppc64le",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:1b773e5b4776f3e033274b340382ac59962d0db53e11a97a00610b33fb6ee45b_amd64",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:8b5d32d0221377937d8ab31377eb4f8263559ec9b32985bbf2c38c11a3294bad_s390x",
            "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:950f99b1193e7b96ae1340be391fba4e3525ce172070ae2f7a944903b630c7d2_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "prometheus/client_golang: Denial of service using InstrumentHandlerCounter"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.