RHSA-2022_4668
Vulnerability from csaf_redhat - Published: 2022-05-18 20:25 - Updated: 2024-12-17 21:57Summary
Red Hat Security Advisory: OpenShift Virtualization 4.10.1 Images security and bug fix update
Severity
Moderate
Notes
Topic: Red Hat OpenShift Virtualization release 4.10.1 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 4.10.1 images:
RHEL-8-CNV-4.10
==============
virtio-win-container-v4.10.1-4
hostpath-provisioner-operator-container-v4.10.1-6
bridge-marker-container-v4.10.1-12
cnv-containernetworking-plugins-container-v4.10.1-12
ovs-cni-plugin-container-v4.10.1-12
kubemacpool-container-v4.10.1-12
ovs-cni-marker-container-v4.10.1-12
kubernetes-nmstate-handler-container-v4.10.1-12
cluster-network-addons-operator-container-v4.10.1-12
cnv-must-gather-container-v4.10.1-15
hyperconverged-cluster-webhook-container-v4.10.1-19
hyperconverged-cluster-operator-container-v4.10.1-19
kubevirt-ssp-operator-container-v4.10.1-10
virt-cdi-apiserver-container-v4.10.1-16
virt-cdi-controller-container-v4.10.1-16
hostpath-provisioner-container-v4.10.1-5
virt-cdi-uploadserver-container-v4.10.1-16
node-maintenance-operator-container-v4.10.1-4
virt-cdi-operator-container-v4.10.1-16
virt-cdi-uploadproxy-container-v4.10.1-16
hostpath-csi-driver-container-v4.10.1-5
virt-cdi-cloner-container-v4.10.1-16
kubevirt-template-validator-container-v4.10.1-4
virt-cdi-importer-container-v4.10.1-16
virt-api-container-v4.10.1-8
virt-handler-container-v4.10.1-8
virt-controller-container-v4.10.1-8
virt-launcher-container-v4.10.1-8
virt-artifacts-server-container-v4.10.1-8
libguestfs-tools-container-v4.10.1-8
virt-operator-container-v4.10.1-8
hco-bundle-registry-container-v4.10.1-99
Security Fix(es):
* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)
* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)
* opencontainers: OCI manifest and index parsing confusion (CVE-2021-41190)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.
5.9 (Medium)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64 | — |
Workaround
|
Threats
Impact
Moderate
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Image Specification, the manifest and index documents were not self-describing and documents with a single digest could be interpreted as either a manifest or an index. In the OCI Image Specification version 1.0.1 there is specified a recommendation that both manifest and index documents contain a `mediaType` field to identify the type of document.
5.0 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64 | — |
Vendor Fix
fix
|
Known not affected
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64 | — |
Threats
Impact
Low
A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability.
7.5 (High)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64 | — | ||
| Unresolved product id: 8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64 | — |
Threats
Impact
Moderate
References
59 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 4.10.1 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 4.10.1 images:\n\nRHEL-8-CNV-4.10\n==============\n\nvirtio-win-container-v4.10.1-4\nhostpath-provisioner-operator-container-v4.10.1-6\nbridge-marker-container-v4.10.1-12\ncnv-containernetworking-plugins-container-v4.10.1-12\novs-cni-plugin-container-v4.10.1-12\nkubemacpool-container-v4.10.1-12\novs-cni-marker-container-v4.10.1-12\nkubernetes-nmstate-handler-container-v4.10.1-12\ncluster-network-addons-operator-container-v4.10.1-12\ncnv-must-gather-container-v4.10.1-15\nhyperconverged-cluster-webhook-container-v4.10.1-19\nhyperconverged-cluster-operator-container-v4.10.1-19\nkubevirt-ssp-operator-container-v4.10.1-10\nvirt-cdi-apiserver-container-v4.10.1-16\nvirt-cdi-controller-container-v4.10.1-16\nhostpath-provisioner-container-v4.10.1-5\nvirt-cdi-uploadserver-container-v4.10.1-16\nnode-maintenance-operator-container-v4.10.1-4\nvirt-cdi-operator-container-v4.10.1-16\nvirt-cdi-uploadproxy-container-v4.10.1-16\nhostpath-csi-driver-container-v4.10.1-5\nvirt-cdi-cloner-container-v4.10.1-16\nkubevirt-template-validator-container-v4.10.1-4\nvirt-cdi-importer-container-v4.10.1-16\nvirt-api-container-v4.10.1-8\nvirt-handler-container-v4.10.1-8\nvirt-controller-container-v4.10.1-8\nvirt-launcher-container-v4.10.1-8\nvirt-artifacts-server-container-v4.10.1-8\nlibguestfs-tools-container-v4.10.1-8\nvirt-operator-container-v4.10.1-8\nhco-bundle-registry-container-v4.10.1-99\n\nSecurity Fix(es):\n\n* golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221)\n\n* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\n* opencontainers: OCI manifest and index parsing confusion (CVE-2021-41190)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:4668",
"url": "https://access.redhat.com/errata/RHSA-2022:4668"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "2000478",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2000478"
},
{
"category": "external",
"summary": "2022742",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2022742"
},
{
"category": "external",
"summary": "2024938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024938"
},
{
"category": "external",
"summary": "2028619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2028619"
},
{
"category": "external",
"summary": "2029359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2029359"
},
{
"category": "external",
"summary": "2032837",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032837"
},
{
"category": "external",
"summary": "2033385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2033385"
},
{
"category": "external",
"summary": "2038814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2038814"
},
{
"category": "external",
"summary": "2039019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2039019"
},
{
"category": "external",
"summary": "2045880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880"
},
{
"category": "external",
"summary": "2046686",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046686"
},
{
"category": "external",
"summary": "2049990",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2049990"
},
{
"category": "external",
"summary": "2053390",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2053390"
},
{
"category": "external",
"summary": "2054778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054778"
},
{
"category": "external",
"summary": "2054782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054782"
},
{
"category": "external",
"summary": "2055304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055304"
},
{
"category": "external",
"summary": "2055950",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055950"
},
{
"category": "external",
"summary": "2056421",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056421"
},
{
"category": "external",
"summary": "2056464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056464"
},
{
"category": "external",
"summary": "2056619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056619"
},
{
"category": "external",
"summary": "2057142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057142"
},
{
"category": "external",
"summary": "2057148",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057148"
},
{
"category": "external",
"summary": "2057613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2057613"
},
{
"category": "external",
"summary": "2059185",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059185"
},
{
"category": "external",
"summary": "2059613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059613"
},
{
"category": "external",
"summary": "2062227",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062227"
},
{
"category": "external",
"summary": "2062321",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062321"
},
{
"category": "external",
"summary": "2063991",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2063991"
},
{
"category": "external",
"summary": "2065308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2065308"
},
{
"category": "external",
"summary": "2065743",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2065743"
},
{
"category": "external",
"summary": "2065755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2065755"
},
{
"category": "external",
"summary": "2066086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066086"
},
{
"category": "external",
"summary": "2066712",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066712"
},
{
"category": "external",
"summary": "2069055",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2069055"
},
{
"category": "external",
"summary": "2070050",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2070050"
},
{
"category": "external",
"summary": "2073880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073880"
},
{
"category": "external",
"summary": "2077920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2077920"
},
{
"category": "external",
"summary": "2078878",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2078878"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_4668.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 4.10.1 Images security and bug fix update",
"tracking": {
"current_release_date": "2024-12-17T21:57:03+00:00",
"generator": {
"date": "2024-12-17T21:57:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:4668",
"initial_release_date": "2022-05-18T20:25:33+00:00",
"revision_history": [
{
"date": "2022-05-18T20:25:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-05-18T20:25:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T21:57:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 4.10 for RHEL 8",
"product": {
"name": "CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.10::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64",
"product": {
"name": "container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64",
"product_id": "container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/bridge-marker\u0026tag=v4.10.1-12"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64",
"product": {
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64",
"product_id": "container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cluster-network-addons-operator\u0026tag=v4.10.1-12"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64",
"product": {
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64",
"product_id": "container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-containernetworking-plugins\u0026tag=v4.10.1-12"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64",
"product": {
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64",
"product_id": "container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-must-gather-rhel8\u0026tag=v4.10.1-15"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64",
"product": {
"name": "container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64",
"product_id": "container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hco-bundle-registry\u0026tag=v4.10.1-99"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"product": {
"name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"product_id": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-csi-driver-rhel8\u0026tag=v4.10.1-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"product": {
"name": "container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"product_id": "container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-csi-driver\u0026tag=v4.10.1-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8\u0026tag=v4.10.1-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8-operator\u0026tag=v4.10.1-6"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-operator\u0026tag=v4.10.1-19"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-webhook-rhel8\u0026tag=v4.10.1-19"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64",
"product": {
"name": "container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64",
"product_id": "container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubemacpool\u0026tag=v4.10.1-12"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64",
"product": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64",
"product_id": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubernetes-nmstate-handler-rhel8\u0026tag=v4.10.1-12"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64",
"product_id": "container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-ssp-operator\u0026tag=v4.10.1-10"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64",
"product_id": "container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-template-validator\u0026tag=v4.10.1-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64",
"product": {
"name": "container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64",
"product_id": "container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools\u0026tag=v4.10.1-8"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64",
"product": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64",
"product_id": "container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/node-maintenance-operator\u0026tag=v4.10.1-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64",
"product_id": "container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-marker\u0026tag=v4.10.1-12"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64",
"product_id": "container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-plugin\u0026tag=v4.10.1-12"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64",
"product": {
"name": "container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64",
"product_id": "container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api\u0026tag=v4.10.1-8"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64",
"product": {
"name": "container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64",
"product_id": "container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server\u0026tag=v4.10.1-8"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64",
"product_id": "container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-apiserver\u0026tag=v4.10.1-16"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64",
"product_id": "container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-cloner\u0026tag=v4.10.1-16"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64",
"product_id": "container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-controller\u0026tag=v4.10.1-16"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64",
"product_id": "container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-importer\u0026tag=v4.10.1-16"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64",
"product_id": "container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-operator\u0026tag=v4.10.1-16"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadproxy\u0026tag=v4.10.1-16"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadserver\u0026tag=v4.10.1-16"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64",
"product": {
"name": "container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64",
"product_id": "container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller\u0026tag=v4.10.1-8"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64",
"product": {
"name": "container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64",
"product_id": "container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler\u0026tag=v4.10.1-8"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64",
"product": {
"name": "container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64",
"product_id": "container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virtio-win\u0026tag=v4.10.1-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64",
"product": {
"name": "container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64",
"product_id": "container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher\u0026tag=v4.10.1-8"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64",
"product": {
"name": "container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64",
"product_id": "container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator\u0026tag=v4.10.1-8"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64"
},
"product_reference": "container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64"
},
"product_reference": "container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64"
},
"product_reference": "container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64"
},
"product_reference": "container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64"
},
"product_reference": "container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64"
},
"product_reference": "container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64"
},
"product_reference": "container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64"
},
"product_reference": "container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64"
},
"product_reference": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64"
},
"product_reference": "container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64"
},
"product_reference": "container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64"
},
"product_reference": "container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64"
},
"product_reference": "container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64"
},
"product_reference": "container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64"
},
"product_reference": "container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64"
},
"product_reference": "container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64"
},
"product_reference": "container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64 as a component of CNV 4.10 for RHEL 8",
"product_id": "8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64"
},
"product_reference": "container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64",
"relates_to_product_reference": "8Base-CNV-4.10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-36221",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2021-08-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1995656"
}
],
"notes": [
{
"category": "description",
"text": "A race condition flaw was found in Go. The incoming requests body weren\u0027t closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the impacted RHOSP packages.\n\n* In Service Telemetry Framework, because the flaw has a lower impact and the package is not directly used by STF1.3, no update will be provided at this time for the STF1.3 sg-core-container. Additionally, because Service Telemetry Framework1.2 will be retiring soon, no update will be provided at this time for the STF1.2 smart-gateway-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64"
],
"known_not_affected": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-36221"
},
{
"category": "external",
"summary": "RHBZ#1995656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1995656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36221"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk",
"url": "https://groups.google.com/g/golang-announce/c/uHACNfXAZqk"
}
],
"release_date": "2021-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-18T20:25:33+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4668"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: panic due to racy read of persistConn after handler panic"
},
{
"cve": "CVE-2021-41190",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2021-11-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2024938"
}
],
"notes": [
{
"category": "description",
"text": "The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Image Specification, the manifest and index documents were not self-describing and documents with a single digest could be interpreted as either a manifest or an index. In the OCI Image Specification version 1.0.1 there is specified a recommendation that both manifest and index documents contain a `mediaType` field to identify the type of document.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "opencontainers: OCI manifest and index parsing confusion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "As a consequence of the OCI Image Specification (and OCI Distribution Specification [1]), container runtime engines (like containerd, moby - Docker Engine, cri-o) deliver updates to adopt new `mediaType` field used for identification of the document type. Even though some Red Hat products rely on container engine, the impact by this issue is LOW.\n\n[1] https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64"
],
"known_not_affected": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-41190"
},
{
"category": "external",
"summary": "RHBZ#2024938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024938"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-41190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-41190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41190"
},
{
"category": "external",
"summary": "https://github.com/moby/moby/security/advisories/GHSA-xmmx-7jpf-fx42",
"url": "https://github.com/moby/moby/security/advisories/GHSA-xmmx-7jpf-fx42"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m",
"url": "https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh",
"url": "https://github.com/opencontainers/image-spec/security/advisories/GHSA-77vh-xpmg-72qh"
}
],
"release_date": "2021-11-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-18T20:25:33+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4668"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "opencontainers: OCI manifest and index parsing confusion"
},
{
"cve": "CVE-2022-21698",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2022-01-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2045880"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "prometheus/client_golang: Denial of service using InstrumentHandlerCounter",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having a moderate impact for two main reasons. The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. Additionally, this is in alignment with upstream\u0027s (the Prometheus project) impact rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64"
],
"known_not_affected": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-21698"
},
{
"category": "external",
"summary": "RHBZ#2045880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045880"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-21698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21698"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21698"
},
{
"category": "external",
"summary": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p",
"url": "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p"
}
],
"release_date": "2022-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-05-18T20:25:33+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:4668"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.10:container-native-virtualization/bridge-marker@sha256:4541ed04a67e85fae426a5a58695339e583e2692878dca1cc93c62b5e1e30fd3_amd64",
"8Base-CNV-4.10:container-native-virtualization/cluster-network-addons-operator@sha256:79ad494103e90fb80f012c4324555e6f93c4c37df85b1ecea9f80495a521e01f_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-containernetworking-plugins@sha256:50d63dbcda94374e6d40b01632619fd81ce0e800166cfa1c08711e145cbcf0d6_amd64",
"8Base-CNV-4.10:container-native-virtualization/cnv-must-gather-rhel8@sha256:5d815abb91431f9a88981c52b071ab991b4b74f5801be2bdc6ea7570c9451f34_amd64",
"8Base-CNV-4.10:container-native-virtualization/hco-bundle-registry@sha256:ac8b60a91411c0fcc4ab2c52db8b6e7682ee747c8969dde9ad8d1a5aa7d44772_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver-rhel8@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-csi-driver@sha256:e77159a8bbe92d5b54fb268f6b53d56f905ac6bbb10cd678d10db9609dfdf2fe_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:f1dfaac28b4e889c7433bcb6a8cf84a4ae154e47936cc774d7da7a8361a6090d_amd64",
"8Base-CNV-4.10:container-native-virtualization/hostpath-provisioner-rhel8@sha256:5beca691807b625e0b7b0d086e4a69ad846753cec6ed31e09fe7b46a78dd75a0_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-operator@sha256:7fc8e3971a085fb4f0417d9bc412f37a8ac1ca93e619fbd85862682d7d0d24cc_amd64",
"8Base-CNV-4.10:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:cf5542bd64485c1f560dc43b9754e29dcdf460cee0b241d9bc6bf9c83f7bba6d_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubemacpool@sha256:683aefe3e095f21c07489793644413aec5f55e5c6193f7961a17c95a42aaf5a4_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:788b98d8e719fc6a7395882f209361da891d81253252e1874d2b5fcd8b272042_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-ssp-operator@sha256:580b463fab66f776bdda7b9337ca229cdf7559616756b3dde5f4fde81fcebe08_amd64",
"8Base-CNV-4.10:container-native-virtualization/kubevirt-template-validator@sha256:467308015352358d822228ae3247621d83cd51fb20a87384623706ec648bb0e9_amd64",
"8Base-CNV-4.10:container-native-virtualization/libguestfs-tools@sha256:76f695ed58f0b255fb0a8a672744cde4193e231b98d1539dfd811ad390dff56c_amd64",
"8Base-CNV-4.10:container-native-virtualization/node-maintenance-operator@sha256:e748c16a1a1a9ba19decb60cad5625f9e9e4987c72a54907d826f731e229becd_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-marker@sha256:ffd3823014509a0ce3b72ece5caa34e0c331f0133e284ce08614113445d256c4_amd64",
"8Base-CNV-4.10:container-native-virtualization/ovs-cni-plugin@sha256:5dd05762652a895bc48db344e573942e0d291175b2391e60d152ce60b6e3ea3e_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-api@sha256:abc1c2b5726805ca4ccd1ed50dc7ab3706bc36ffa31d499cd6374242118180e3_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-artifacts-server@sha256:563507ce784589a79aaa4d8c29742f098f6501d17d9f477472e279556e8e15ce_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-apiserver@sha256:a2401108688b44ef1fd9b187894358b4536ad9b2b5c436d507ff15f9f6af0f9f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-cloner@sha256:9acd4b9e8b289064491b5749aa7c642dd5f0470f70f0503c1f7c7c047053760f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-controller@sha256:db0489f5160a0f569c0b0b05d6e26e7ff5618dd0cde85d77133b76fd70b9c5b7_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-importer@sha256:4455b45f19f5223e5239bad8bc30b258f33025545d7a16314303ed60af00a2fa_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-operator@sha256:1e3615ff55c43d1bf7f5a9be449179d896271f90837476f6c545c917637466a8_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadproxy@sha256:f810c2421d77579caabec7dfcbf82dc3840751c486669df02d2877c9f1962436_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-cdi-uploadserver@sha256:63b3b7a87a8f9360248e9ff45ac46484c18bb972c735fe8e4b6bdf127d943b47_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-controller@sha256:7ead858553adfb95b5a2704cc2dca061a5f36de7575d829e0568a94b09a55573_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-handler@sha256:b5a320e87976d906b9aa37da2cd9f40f54e05847245345e2dc4285633b90460f_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-launcher@sha256:9199f9bc2dbeb91874f2865e4162c681e1f75a41f5cc73702226424345971e85_amd64",
"8Base-CNV-4.10:container-native-virtualization/virt-operator@sha256:f786ba3de0ca54a9252f5e9f615fa5662c76e0fcffbdf635d3071865758e5c8b_amd64",
"8Base-CNV-4.10:container-native-virtualization/virtio-win@sha256:4a0d654eea8b9669f082ed092e79b3203a131223b8e534c3414051aad05497b0_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "prometheus/client_golang: Denial of service using InstrumentHandlerCounter"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…