RHSA-2022_6681
Vulnerability from csaf_redhat - Published: 2022-09-22 08:16 - Updated: 2024-11-22 18:27Summary
Red Hat Security Advisory: OpenShift Virtualization 4.9.6 Images security and bug fix update
Severity
Important
Notes
Topic: Red Hat OpenShift Virtualization release 4.9.6 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This advisory contains the following OpenShift Virtualization 4.9.6 images:
RHEL-8-CNV-4.9
==============
cnv-must-gather-container-v4.9.6-7
kubevirt-template-validator-container-v4.9.6-6
kubevirt-ssp-operator-container-v4.9.6-5
virt-cdi-uploadserver-container-v4.9.6-4
virt-cdi-cloner-container-v4.9.6-4
virt-cdi-importer-container-v4.9.6-4
virt-cdi-uploadproxy-container-v4.9.6-4
virt-cdi-apiserver-container-v4.9.6-4
virt-cdi-controller-container-v4.9.6-4
virt-cdi-operator-container-v4.9.6-4
hostpath-provisioner-container-v4.9.6-3
hyperconverged-cluster-webhook-container-v4.9.6-3
hyperconverged-cluster-operator-container-v4.9.6-3
node-maintenance-operator-container-v4.9.6-4
kubevirt-vmware-container-v4.9.6-3
kubevirt-v2v-conversion-container-v4.9.6-3
ovs-cni-plugin-container-v4.9.6-3
cnv-containernetworking-plugins-container-v4.9.6-3
bridge-marker-container-v4.9.6-4
ovs-cni-marker-container-v4.9.6-3
kubemacpool-container-v4.9.6-4
kubernetes-nmstate-handler-container-v4.9.6-5
cluster-network-addons-operator-container-v4.9.6-5
virt-controller-container-v4.9.6-9
virt-handler-container-v4.9.6-9
virt-api-container-v4.9.6-9
virt-operator-container-v4.9.6-9
virt-artifacts-server-container-v4.9.6-9
virt-launcher-container-v4.9.6-9
libguestfs-tools-container-v4.9.6-9
virtio-win-container-v4.9.6-3
hostpath-provisioner-operator-container-v4.9.6-3
vm-import-operator-container-v4.9.6-3
vm-import-controller-container-v4.9.6-3
vm-import-virtv2v-container-v4.9.6-3
hco-bundle-registry-container-v4.9.6-51
Security Fix(es):
* kubeVirt: Arbitrary file read on the host from KubeVirt VMs (CVE-2022-1798)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
An arbitrary file read vulnerability was found in the kubeVirt API. This flaw makes it possible to use the kubeVirt API to provide access to host files (like /etc/passwd, for example) in a KubeVirt VM as a disk device that can be written to and read from.
7.7 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2022:6681
References
Acknowledgments
NCC Group
Oliver Brooks and James Klopchic
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 4.9.6 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This advisory contains the following OpenShift Virtualization 4.9.6 images:\n\nRHEL-8-CNV-4.9\n==============\ncnv-must-gather-container-v4.9.6-7\nkubevirt-template-validator-container-v4.9.6-6\nkubevirt-ssp-operator-container-v4.9.6-5\nvirt-cdi-uploadserver-container-v4.9.6-4\nvirt-cdi-cloner-container-v4.9.6-4\nvirt-cdi-importer-container-v4.9.6-4\nvirt-cdi-uploadproxy-container-v4.9.6-4\nvirt-cdi-apiserver-container-v4.9.6-4\nvirt-cdi-controller-container-v4.9.6-4\nvirt-cdi-operator-container-v4.9.6-4\nhostpath-provisioner-container-v4.9.6-3\nhyperconverged-cluster-webhook-container-v4.9.6-3\nhyperconverged-cluster-operator-container-v4.9.6-3\nnode-maintenance-operator-container-v4.9.6-4\nkubevirt-vmware-container-v4.9.6-3\nkubevirt-v2v-conversion-container-v4.9.6-3\novs-cni-plugin-container-v4.9.6-3\ncnv-containernetworking-plugins-container-v4.9.6-3\nbridge-marker-container-v4.9.6-4\novs-cni-marker-container-v4.9.6-3\nkubemacpool-container-v4.9.6-4\nkubernetes-nmstate-handler-container-v4.9.6-5\ncluster-network-addons-operator-container-v4.9.6-5\nvirt-controller-container-v4.9.6-9\nvirt-handler-container-v4.9.6-9\nvirt-api-container-v4.9.6-9\nvirt-operator-container-v4.9.6-9\nvirt-artifacts-server-container-v4.9.6-9\nvirt-launcher-container-v4.9.6-9\nlibguestfs-tools-container-v4.9.6-9\nvirtio-win-container-v4.9.6-3\nhostpath-provisioner-operator-container-v4.9.6-3\nvm-import-operator-container-v4.9.6-3\nvm-import-controller-container-v4.9.6-3\nvm-import-virtv2v-container-v4.9.6-3\nhco-bundle-registry-container-v4.9.6-51\n\nSecurity Fix(es):\n\n* kubeVirt: Arbitrary file read on the host from KubeVirt VMs (CVE-2022-1798)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:6681",
"url": "https://access.redhat.com/errata/RHSA-2022:6681"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2092269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2092269"
},
{
"category": "external",
"summary": "2097313",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2097313"
},
{
"category": "external",
"summary": "2101174",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101174"
},
{
"category": "external",
"summary": "2110783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2110783"
},
{
"category": "external",
"summary": "2117872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117872"
},
{
"category": "external",
"summary": "2118317",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118317"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_6681.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 4.9.6 Images security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T18:27:44+00:00",
"generator": {
"date": "2024-11-22T18:27:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2022:6681",
"initial_release_date": "2022-09-22T08:16:30+00:00",
"revision_history": [
{
"date": "2022-09-22T08:16:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-09-22T08:16:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T18:27:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 4.9 for RHEL 8",
"product": {
"name": "CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/bridge-marker@sha256:e1d3caa39c5392fe57f7e4308c9957248559457e61daf87a0e66d998e658dc97_amd64",
"product": {
"name": "container-native-virtualization/bridge-marker@sha256:e1d3caa39c5392fe57f7e4308c9957248559457e61daf87a0e66d998e658dc97_amd64",
"product_id": "container-native-virtualization/bridge-marker@sha256:e1d3caa39c5392fe57f7e4308c9957248559457e61daf87a0e66d998e658dc97_amd64",
"product_identification_helper": {
"purl": "pkg:oci/bridge-marker@sha256:e1d3caa39c5392fe57f7e4308c9957248559457e61daf87a0e66d998e658dc97?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/bridge-marker\u0026tag=v4.9.6-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:9e07f1ab0e89ed31a4bc7546664fa8ea6ed5a5c78f5e71205892fd64c83d3727_amd64",
"product": {
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:9e07f1ab0e89ed31a4bc7546664fa8ea6ed5a5c78f5e71205892fd64c83d3727_amd64",
"product_id": "container-native-virtualization/cluster-network-addons-operator@sha256:9e07f1ab0e89ed31a4bc7546664fa8ea6ed5a5c78f5e71205892fd64c83d3727_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-network-addons-operator@sha256:9e07f1ab0e89ed31a4bc7546664fa8ea6ed5a5c78f5e71205892fd64c83d3727?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cluster-network-addons-operator\u0026tag=v4.9.6-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:64a1b3efe2bf641c746050d65e7e4bd812111537c05710a45029b25f069160d3_amd64",
"product": {
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:64a1b3efe2bf641c746050d65e7e4bd812111537c05710a45029b25f069160d3_amd64",
"product_id": "container-native-virtualization/cnv-containernetworking-plugins@sha256:64a1b3efe2bf641c746050d65e7e4bd812111537c05710a45029b25f069160d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-containernetworking-plugins@sha256:64a1b3efe2bf641c746050d65e7e4bd812111537c05710a45029b25f069160d3?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-containernetworking-plugins\u0026tag=v4.9.6-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:2d9ad446a2c7a26520b2a280580d39d02d96160d58b769c8832f31ebb9c9b51f_amd64",
"product": {
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:2d9ad446a2c7a26520b2a280580d39d02d96160d58b769c8832f31ebb9c9b51f_amd64",
"product_id": "container-native-virtualization/cnv-must-gather-rhel8@sha256:2d9ad446a2c7a26520b2a280580d39d02d96160d58b769c8832f31ebb9c9b51f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnv-must-gather-rhel8@sha256:2d9ad446a2c7a26520b2a280580d39d02d96160d58b769c8832f31ebb9c9b51f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-must-gather-rhel8\u0026tag=v4.9.6-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hco-bundle-registry@sha256:923fa16632843dd65fa4b4312c737eaf999ae44fb9b8c72016c8c65ce531385b_amd64",
"product": {
"name": "container-native-virtualization/hco-bundle-registry@sha256:923fa16632843dd65fa4b4312c737eaf999ae44fb9b8c72016c8c65ce531385b_amd64",
"product_id": "container-native-virtualization/hco-bundle-registry@sha256:923fa16632843dd65fa4b4312c737eaf999ae44fb9b8c72016c8c65ce531385b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hco-bundle-registry@sha256:923fa16632843dd65fa4b4312c737eaf999ae44fb9b8c72016c8c65ce531385b?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hco-bundle-registry\u0026tag=v4.9.6-51"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:efe2190ed6477fa289187de61064054290a984601a40bc7a7aaa714ceef41e90_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:efe2190ed6477fa289187de61064054290a984601a40bc7a7aaa714ceef41e90_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:efe2190ed6477fa289187de61064054290a984601a40bc7a7aaa714ceef41e90_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel8@sha256:efe2190ed6477fa289187de61064054290a984601a40bc7a7aaa714ceef41e90?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8\u0026tag=v4.9.6-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:5e348c3ca2ec93f22cdf246c3b9293fbba1ac2ef4b8a286c516971e4741a23bc_amd64",
"product": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:5e348c3ca2ec93f22cdf246c3b9293fbba1ac2ef4b8a286c516971e4741a23bc_amd64",
"product_id": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:5e348c3ca2ec93f22cdf246c3b9293fbba1ac2ef4b8a286c516971e4741a23bc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hostpath-provisioner-rhel8-operator@sha256:5e348c3ca2ec93f22cdf246c3b9293fbba1ac2ef4b8a286c516971e4741a23bc?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8-operator\u0026tag=v4.9.6-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2fd2bc99e04dde37b46a438ba881a81e0c558dcbd19681a1b927e0647dced419_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2fd2bc99e04dde37b46a438ba881a81e0c558dcbd19681a1b927e0647dced419_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2fd2bc99e04dde37b46a438ba881a81e0c558dcbd19681a1b927e0647dced419_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-operator@sha256:2fd2bc99e04dde37b46a438ba881a81e0c558dcbd19681a1b927e0647dced419?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-operator\u0026tag=v4.9.6-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:56dec5123de6a1e09813a39e22294eb1b1ed4c00a11c0c2719b20cf944be3d3a_amd64",
"product": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:56dec5123de6a1e09813a39e22294eb1b1ed4c00a11c0c2719b20cf944be3d3a_amd64",
"product_id": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:56dec5123de6a1e09813a39e22294eb1b1ed4c00a11c0c2719b20cf944be3d3a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hyperconverged-cluster-webhook-rhel8@sha256:56dec5123de6a1e09813a39e22294eb1b1ed4c00a11c0c2719b20cf944be3d3a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-webhook-rhel8\u0026tag=v4.9.6-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubemacpool@sha256:48afb12b1adddf71f98a30960f0a06a6a8920d2fb8aa521af482eb60efd086f6_amd64",
"product": {
"name": "container-native-virtualization/kubemacpool@sha256:48afb12b1adddf71f98a30960f0a06a6a8920d2fb8aa521af482eb60efd086f6_amd64",
"product_id": "container-native-virtualization/kubemacpool@sha256:48afb12b1adddf71f98a30960f0a06a6a8920d2fb8aa521af482eb60efd086f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubemacpool@sha256:48afb12b1adddf71f98a30960f0a06a6a8920d2fb8aa521af482eb60efd086f6?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubemacpool\u0026tag=v4.9.6-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:eff6902a5ae27ea85ea75a0842cb45e106285eb02456f34c377f16ad8752d8e3_amd64",
"product": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:eff6902a5ae27ea85ea75a0842cb45e106285eb02456f34c377f16ad8752d8e3_amd64",
"product_id": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:eff6902a5ae27ea85ea75a0842cb45e106285eb02456f34c377f16ad8752d8e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-handler-rhel8@sha256:eff6902a5ae27ea85ea75a0842cb45e106285eb02456f34c377f16ad8752d8e3?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubernetes-nmstate-handler-rhel8\u0026tag=v4.9.6-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:a6882fad978b6df2abe21bd6b67987fdcedb767487dfd980c40d465680ebb85e_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:a6882fad978b6df2abe21bd6b67987fdcedb767487dfd980c40d465680ebb85e_amd64",
"product_id": "container-native-virtualization/kubevirt-ssp-operator@sha256:a6882fad978b6df2abe21bd6b67987fdcedb767487dfd980c40d465680ebb85e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-ssp-operator@sha256:a6882fad978b6df2abe21bd6b67987fdcedb767487dfd980c40d465680ebb85e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-ssp-operator\u0026tag=v4.9.6-5"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-template-validator@sha256:99005cdab8cd6ec64fa0b5074191f859b55519b9c24a06f764919d5dd655cda3_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-template-validator@sha256:99005cdab8cd6ec64fa0b5074191f859b55519b9c24a06f764919d5dd655cda3_amd64",
"product_id": "container-native-virtualization/kubevirt-template-validator@sha256:99005cdab8cd6ec64fa0b5074191f859b55519b9c24a06f764919d5dd655cda3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-template-validator@sha256:99005cdab8cd6ec64fa0b5074191f859b55519b9c24a06f764919d5dd655cda3?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-template-validator\u0026tag=v4.9.6-6"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:96126128d66f8b390c5b135e404c75bd06a9fa4c8f637dc991a2358e63393a3b_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:96126128d66f8b390c5b135e404c75bd06a9fa4c8f637dc991a2358e63393a3b_amd64",
"product_id": "container-native-virtualization/kubevirt-v2v-conversion@sha256:96126128d66f8b390c5b135e404c75bd06a9fa4c8f637dc991a2358e63393a3b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-v2v-conversion@sha256:96126128d66f8b390c5b135e404c75bd06a9fa4c8f637dc991a2358e63393a3b?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-v2v-conversion\u0026tag=v4.9.6-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-vmware@sha256:b5cfc061df65f6ee82fb792b063166be21426422093a8b99845329fd243f77ba_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-vmware@sha256:b5cfc061df65f6ee82fb792b063166be21426422093a8b99845329fd243f77ba_amd64",
"product_id": "container-native-virtualization/kubevirt-vmware@sha256:b5cfc061df65f6ee82fb792b063166be21426422093a8b99845329fd243f77ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-vmware@sha256:b5cfc061df65f6ee82fb792b063166be21426422093a8b99845329fd243f77ba?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-vmware\u0026tag=v4.9.6-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/libguestfs-tools@sha256:51f80ce494533681efe96d9c7ef0f3aca2cf3c4a919469eab6aef6c1d74a8c44_amd64",
"product": {
"name": "container-native-virtualization/libguestfs-tools@sha256:51f80ce494533681efe96d9c7ef0f3aca2cf3c4a919469eab6aef6c1d74a8c44_amd64",
"product_id": "container-native-virtualization/libguestfs-tools@sha256:51f80ce494533681efe96d9c7ef0f3aca2cf3c4a919469eab6aef6c1d74a8c44_amd64",
"product_identification_helper": {
"purl": "pkg:oci/libguestfs-tools@sha256:51f80ce494533681efe96d9c7ef0f3aca2cf3c4a919469eab6aef6c1d74a8c44?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools\u0026tag=v4.9.6-9"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/node-maintenance-operator@sha256:ec2319366b7125b96f99a6bc2b55e4f288aabb1f7474ced9a5bac092677b1bcc_amd64",
"product": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:ec2319366b7125b96f99a6bc2b55e4f288aabb1f7474ced9a5bac092677b1bcc_amd64",
"product_id": "container-native-virtualization/node-maintenance-operator@sha256:ec2319366b7125b96f99a6bc2b55e4f288aabb1f7474ced9a5bac092677b1bcc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/node-maintenance-operator@sha256:ec2319366b7125b96f99a6bc2b55e4f288aabb1f7474ced9a5bac092677b1bcc?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/node-maintenance-operator\u0026tag=v4.9.6-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-marker@sha256:c119b9d4be1b885ab6cd1da5a9cddc862549060f9321a3d9f1f4daa0b7ff24ff_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-marker@sha256:c119b9d4be1b885ab6cd1da5a9cddc862549060f9321a3d9f1f4daa0b7ff24ff_amd64",
"product_id": "container-native-virtualization/ovs-cni-marker@sha256:c119b9d4be1b885ab6cd1da5a9cddc862549060f9321a3d9f1f4daa0b7ff24ff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-marker@sha256:c119b9d4be1b885ab6cd1da5a9cddc862549060f9321a3d9f1f4daa0b7ff24ff?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-marker\u0026tag=v4.9.6-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/ovs-cni-plugin@sha256:b93deb2d624cb2289e3b558fa07b91c26bf674559243faa82f0f69e83347fcad_amd64",
"product": {
"name": "container-native-virtualization/ovs-cni-plugin@sha256:b93deb2d624cb2289e3b558fa07b91c26bf674559243faa82f0f69e83347fcad_amd64",
"product_id": "container-native-virtualization/ovs-cni-plugin@sha256:b93deb2d624cb2289e3b558fa07b91c26bf674559243faa82f0f69e83347fcad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovs-cni-plugin@sha256:b93deb2d624cb2289e3b558fa07b91c26bf674559243faa82f0f69e83347fcad?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-plugin\u0026tag=v4.9.6-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-api@sha256:0252b6f9b2052977775cfebedf4e16cddf4484e00969180ac14da9de7b1af6e1_amd64",
"product": {
"name": "container-native-virtualization/virt-api@sha256:0252b6f9b2052977775cfebedf4e16cddf4484e00969180ac14da9de7b1af6e1_amd64",
"product_id": "container-native-virtualization/virt-api@sha256:0252b6f9b2052977775cfebedf4e16cddf4484e00969180ac14da9de7b1af6e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-api@sha256:0252b6f9b2052977775cfebedf4e16cddf4484e00969180ac14da9de7b1af6e1?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api\u0026tag=v4.9.6-9"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-artifacts-server@sha256:446462f4f1500f8ea8837721e26c8b8bbd36aea5eed6c09546f15ad314fd0f1e_amd64",
"product": {
"name": "container-native-virtualization/virt-artifacts-server@sha256:446462f4f1500f8ea8837721e26c8b8bbd36aea5eed6c09546f15ad314fd0f1e_amd64",
"product_id": "container-native-virtualization/virt-artifacts-server@sha256:446462f4f1500f8ea8837721e26c8b8bbd36aea5eed6c09546f15ad314fd0f1e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-artifacts-server@sha256:446462f4f1500f8ea8837721e26c8b8bbd36aea5eed6c09546f15ad314fd0f1e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server\u0026tag=v4.9.6-9"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:ee809f60e35767b1755955761e16ffeaff6025d07ed73fc9ea6b66cf064177f6_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:ee809f60e35767b1755955761e16ffeaff6025d07ed73fc9ea6b66cf064177f6_amd64",
"product_id": "container-native-virtualization/virt-cdi-apiserver@sha256:ee809f60e35767b1755955761e16ffeaff6025d07ed73fc9ea6b66cf064177f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-apiserver@sha256:ee809f60e35767b1755955761e16ffeaff6025d07ed73fc9ea6b66cf064177f6?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-apiserver\u0026tag=v4.9.6-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-cloner@sha256:a25b6cd4be57511338a414e1a5247745e1a7b3beb528945c9389eec473d57a19_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-cloner@sha256:a25b6cd4be57511338a414e1a5247745e1a7b3beb528945c9389eec473d57a19_amd64",
"product_id": "container-native-virtualization/virt-cdi-cloner@sha256:a25b6cd4be57511338a414e1a5247745e1a7b3beb528945c9389eec473d57a19_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-cloner@sha256:a25b6cd4be57511338a414e1a5247745e1a7b3beb528945c9389eec473d57a19?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-cloner\u0026tag=v4.9.6-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-controller@sha256:4a6d2ca39c487e317c6a88f3ab30ad94b56ec996da82f0ca85b202334df46770_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-controller@sha256:4a6d2ca39c487e317c6a88f3ab30ad94b56ec996da82f0ca85b202334df46770_amd64",
"product_id": "container-native-virtualization/virt-cdi-controller@sha256:4a6d2ca39c487e317c6a88f3ab30ad94b56ec996da82f0ca85b202334df46770_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-controller@sha256:4a6d2ca39c487e317c6a88f3ab30ad94b56ec996da82f0ca85b202334df46770?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-controller\u0026tag=v4.9.6-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-importer@sha256:b842957a75980e747916d3d83651c5bbb45b3d6bc81e28c2455cd783f7e768aa_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-importer@sha256:b842957a75980e747916d3d83651c5bbb45b3d6bc81e28c2455cd783f7e768aa_amd64",
"product_id": "container-native-virtualization/virt-cdi-importer@sha256:b842957a75980e747916d3d83651c5bbb45b3d6bc81e28c2455cd783f7e768aa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-importer@sha256:b842957a75980e747916d3d83651c5bbb45b3d6bc81e28c2455cd783f7e768aa?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-importer\u0026tag=v4.9.6-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-operator@sha256:77fe54aacce1789c4619b645ea5a9f9cc353f2e18db438aa785cd60065852071_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-operator@sha256:77fe54aacce1789c4619b645ea5a9f9cc353f2e18db438aa785cd60065852071_amd64",
"product_id": "container-native-virtualization/virt-cdi-operator@sha256:77fe54aacce1789c4619b645ea5a9f9cc353f2e18db438aa785cd60065852071_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-operator@sha256:77fe54aacce1789c4619b645ea5a9f9cc353f2e18db438aa785cd60065852071?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-operator\u0026tag=v4.9.6-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:def07c859fccb197606115700a6da314c786ece914ed4907dafe54ba94427e8a_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:def07c859fccb197606115700a6da314c786ece914ed4907dafe54ba94427e8a_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadproxy@sha256:def07c859fccb197606115700a6da314c786ece914ed4907dafe54ba94427e8a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadproxy@sha256:def07c859fccb197606115700a6da314c786ece914ed4907dafe54ba94427e8a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadproxy\u0026tag=v4.9.6-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:a2458bf4fabb6950f22c61f8fd3f34222d9fdbbd5cedf3c7852dcb87a145df7f_amd64",
"product": {
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:a2458bf4fabb6950f22c61f8fd3f34222d9fdbbd5cedf3c7852dcb87a145df7f_amd64",
"product_id": "container-native-virtualization/virt-cdi-uploadserver@sha256:a2458bf4fabb6950f22c61f8fd3f34222d9fdbbd5cedf3c7852dcb87a145df7f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-cdi-uploadserver@sha256:a2458bf4fabb6950f22c61f8fd3f34222d9fdbbd5cedf3c7852dcb87a145df7f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadserver\u0026tag=v4.9.6-4"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-controller@sha256:18fc5a4b5fe3d5d0a144ca4d9f51ac9c445025ab4d2d0a3f0a4996f5ac58d725_amd64",
"product": {
"name": "container-native-virtualization/virt-controller@sha256:18fc5a4b5fe3d5d0a144ca4d9f51ac9c445025ab4d2d0a3f0a4996f5ac58d725_amd64",
"product_id": "container-native-virtualization/virt-controller@sha256:18fc5a4b5fe3d5d0a144ca4d9f51ac9c445025ab4d2d0a3f0a4996f5ac58d725_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-controller@sha256:18fc5a4b5fe3d5d0a144ca4d9f51ac9c445025ab4d2d0a3f0a4996f5ac58d725?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller\u0026tag=v4.9.6-9"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-handler@sha256:348d1c698ad05dc4d39548b4b79fa9643e15c507acfffdd41772830dac9c0e4c_amd64",
"product": {
"name": "container-native-virtualization/virt-handler@sha256:348d1c698ad05dc4d39548b4b79fa9643e15c507acfffdd41772830dac9c0e4c_amd64",
"product_id": "container-native-virtualization/virt-handler@sha256:348d1c698ad05dc4d39548b4b79fa9643e15c507acfffdd41772830dac9c0e4c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-handler@sha256:348d1c698ad05dc4d39548b4b79fa9643e15c507acfffdd41772830dac9c0e4c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler\u0026tag=v4.9.6-9"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virtio-win@sha256:d61b757b9fa3e2fe3f3fc545912bdb21209f331027f363c4a0a4f57b880363e3_amd64",
"product": {
"name": "container-native-virtualization/virtio-win@sha256:d61b757b9fa3e2fe3f3fc545912bdb21209f331027f363c4a0a4f57b880363e3_amd64",
"product_id": "container-native-virtualization/virtio-win@sha256:d61b757b9fa3e2fe3f3fc545912bdb21209f331027f363c4a0a4f57b880363e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virtio-win@sha256:d61b757b9fa3e2fe3f3fc545912bdb21209f331027f363c4a0a4f57b880363e3?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virtio-win\u0026tag=v4.9.6-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-launcher@sha256:182d9a84f3aa15aedd1305b025997b115baf535b1334d5fabc2f7d34ca53613d_amd64",
"product": {
"name": "container-native-virtualization/virt-launcher@sha256:182d9a84f3aa15aedd1305b025997b115baf535b1334d5fabc2f7d34ca53613d_amd64",
"product_id": "container-native-virtualization/virt-launcher@sha256:182d9a84f3aa15aedd1305b025997b115baf535b1334d5fabc2f7d34ca53613d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-launcher@sha256:182d9a84f3aa15aedd1305b025997b115baf535b1334d5fabc2f7d34ca53613d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher\u0026tag=v4.9.6-9"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/virt-operator@sha256:98e85fbcb207fada1ead3da157aba01ffbd7ed4773701e7e113c1d21849e8570_amd64",
"product": {
"name": "container-native-virtualization/virt-operator@sha256:98e85fbcb207fada1ead3da157aba01ffbd7ed4773701e7e113c1d21849e8570_amd64",
"product_id": "container-native-virtualization/virt-operator@sha256:98e85fbcb207fada1ead3da157aba01ffbd7ed4773701e7e113c1d21849e8570_amd64",
"product_identification_helper": {
"purl": "pkg:oci/virt-operator@sha256:98e85fbcb207fada1ead3da157aba01ffbd7ed4773701e7e113c1d21849e8570?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator\u0026tag=v4.9.6-9"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:b8e15d5243e5f89877dbd320df3515163c288e16232b9ef1fb8719bd122ff16f_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:b8e15d5243e5f89877dbd320df3515163c288e16232b9ef1fb8719bd122ff16f_amd64",
"product_id": "container-native-virtualization/vm-import-controller-rhel8@sha256:b8e15d5243e5f89877dbd320df3515163c288e16232b9ef1fb8719bd122ff16f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller-rhel8@sha256:b8e15d5243e5f89877dbd320df3515163c288e16232b9ef1fb8719bd122ff16f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller-rhel8\u0026tag=v4.9.6-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:d55219af6e3d6962fc59de4f6f11eed7d0205bbe36d6ba7f03c74eba0881373f_amd64",
"product": {
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:d55219af6e3d6962fc59de4f6f11eed7d0205bbe36d6ba7f03c74eba0881373f_amd64",
"product_id": "container-native-virtualization/vm-import-operator-rhel8@sha256:d55219af6e3d6962fc59de4f6f11eed7d0205bbe36d6ba7f03c74eba0881373f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-operator-rhel8@sha256:d55219af6e3d6962fc59de4f6f11eed7d0205bbe36d6ba7f03c74eba0881373f?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-operator-rhel8\u0026tag=v4.9.6-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8276c4ea2a2f487ce7dfb8469061efd4a9834fde8e9a58e4b43781c09d49d87c_amd64",
"product": {
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8276c4ea2a2f487ce7dfb8469061efd4a9834fde8e9a58e4b43781c09d49d87c_amd64",
"product_id": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8276c4ea2a2f487ce7dfb8469061efd4a9834fde8e9a58e4b43781c09d49d87c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-virtv2v-rhel8@sha256:8276c4ea2a2f487ce7dfb8469061efd4a9834fde8e9a58e4b43781c09d49d87c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-virtv2v-rhel8\u0026tag=v4.9.6-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/bridge-marker@sha256:e1d3caa39c5392fe57f7e4308c9957248559457e61daf87a0e66d998e658dc97_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:e1d3caa39c5392fe57f7e4308c9957248559457e61daf87a0e66d998e658dc97_amd64"
},
"product_reference": "container-native-virtualization/bridge-marker@sha256:e1d3caa39c5392fe57f7e4308c9957248559457e61daf87a0e66d998e658dc97_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cluster-network-addons-operator@sha256:9e07f1ab0e89ed31a4bc7546664fa8ea6ed5a5c78f5e71205892fd64c83d3727_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:9e07f1ab0e89ed31a4bc7546664fa8ea6ed5a5c78f5e71205892fd64c83d3727_amd64"
},
"product_reference": "container-native-virtualization/cluster-network-addons-operator@sha256:9e07f1ab0e89ed31a4bc7546664fa8ea6ed5a5c78f5e71205892fd64c83d3727_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:64a1b3efe2bf641c746050d65e7e4bd812111537c05710a45029b25f069160d3_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:64a1b3efe2bf641c746050d65e7e4bd812111537c05710a45029b25f069160d3_amd64"
},
"product_reference": "container-native-virtualization/cnv-containernetworking-plugins@sha256:64a1b3efe2bf641c746050d65e7e4bd812111537c05710a45029b25f069160d3_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:2d9ad446a2c7a26520b2a280580d39d02d96160d58b769c8832f31ebb9c9b51f_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:2d9ad446a2c7a26520b2a280580d39d02d96160d58b769c8832f31ebb9c9b51f_amd64"
},
"product_reference": "container-native-virtualization/cnv-must-gather-rhel8@sha256:2d9ad446a2c7a26520b2a280580d39d02d96160d58b769c8832f31ebb9c9b51f_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hco-bundle-registry@sha256:923fa16632843dd65fa4b4312c737eaf999ae44fb9b8c72016c8c65ce531385b_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:923fa16632843dd65fa4b4312c737eaf999ae44fb9b8c72016c8c65ce531385b_amd64"
},
"product_reference": "container-native-virtualization/hco-bundle-registry@sha256:923fa16632843dd65fa4b4312c737eaf999ae44fb9b8c72016c8c65ce531385b_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:5e348c3ca2ec93f22cdf246c3b9293fbba1ac2ef4b8a286c516971e4741a23bc_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:5e348c3ca2ec93f22cdf246c3b9293fbba1ac2ef4b8a286c516971e4741a23bc_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:5e348c3ca2ec93f22cdf246c3b9293fbba1ac2ef4b8a286c516971e4741a23bc_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:efe2190ed6477fa289187de61064054290a984601a40bc7a7aaa714ceef41e90_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:efe2190ed6477fa289187de61064054290a984601a40bc7a7aaa714ceef41e90_amd64"
},
"product_reference": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:efe2190ed6477fa289187de61064054290a984601a40bc7a7aaa714ceef41e90_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2fd2bc99e04dde37b46a438ba881a81e0c558dcbd19681a1b927e0647dced419_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:2fd2bc99e04dde37b46a438ba881a81e0c558dcbd19681a1b927e0647dced419_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-operator@sha256:2fd2bc99e04dde37b46a438ba881a81e0c558dcbd19681a1b927e0647dced419_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:56dec5123de6a1e09813a39e22294eb1b1ed4c00a11c0c2719b20cf944be3d3a_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:56dec5123de6a1e09813a39e22294eb1b1ed4c00a11c0c2719b20cf944be3d3a_amd64"
},
"product_reference": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:56dec5123de6a1e09813a39e22294eb1b1ed4c00a11c0c2719b20cf944be3d3a_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubemacpool@sha256:48afb12b1adddf71f98a30960f0a06a6a8920d2fb8aa521af482eb60efd086f6_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:48afb12b1adddf71f98a30960f0a06a6a8920d2fb8aa521af482eb60efd086f6_amd64"
},
"product_reference": "container-native-virtualization/kubemacpool@sha256:48afb12b1adddf71f98a30960f0a06a6a8920d2fb8aa521af482eb60efd086f6_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:eff6902a5ae27ea85ea75a0842cb45e106285eb02456f34c377f16ad8752d8e3_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:eff6902a5ae27ea85ea75a0842cb45e106285eb02456f34c377f16ad8752d8e3_amd64"
},
"product_reference": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:eff6902a5ae27ea85ea75a0842cb45e106285eb02456f34c377f16ad8752d8e3_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-ssp-operator@sha256:a6882fad978b6df2abe21bd6b67987fdcedb767487dfd980c40d465680ebb85e_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:a6882fad978b6df2abe21bd6b67987fdcedb767487dfd980c40d465680ebb85e_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-ssp-operator@sha256:a6882fad978b6df2abe21bd6b67987fdcedb767487dfd980c40d465680ebb85e_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-template-validator@sha256:99005cdab8cd6ec64fa0b5074191f859b55519b9c24a06f764919d5dd655cda3_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:99005cdab8cd6ec64fa0b5074191f859b55519b9c24a06f764919d5dd655cda3_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-template-validator@sha256:99005cdab8cd6ec64fa0b5074191f859b55519b9c24a06f764919d5dd655cda3_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:96126128d66f8b390c5b135e404c75bd06a9fa4c8f637dc991a2358e63393a3b_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:96126128d66f8b390c5b135e404c75bd06a9fa4c8f637dc991a2358e63393a3b_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-v2v-conversion@sha256:96126128d66f8b390c5b135e404c75bd06a9fa4c8f637dc991a2358e63393a3b_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-vmware@sha256:b5cfc061df65f6ee82fb792b063166be21426422093a8b99845329fd243f77ba_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:b5cfc061df65f6ee82fb792b063166be21426422093a8b99845329fd243f77ba_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-vmware@sha256:b5cfc061df65f6ee82fb792b063166be21426422093a8b99845329fd243f77ba_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/libguestfs-tools@sha256:51f80ce494533681efe96d9c7ef0f3aca2cf3c4a919469eab6aef6c1d74a8c44_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:51f80ce494533681efe96d9c7ef0f3aca2cf3c4a919469eab6aef6c1d74a8c44_amd64"
},
"product_reference": "container-native-virtualization/libguestfs-tools@sha256:51f80ce494533681efe96d9c7ef0f3aca2cf3c4a919469eab6aef6c1d74a8c44_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:ec2319366b7125b96f99a6bc2b55e4f288aabb1f7474ced9a5bac092677b1bcc_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:ec2319366b7125b96f99a6bc2b55e4f288aabb1f7474ced9a5bac092677b1bcc_amd64"
},
"product_reference": "container-native-virtualization/node-maintenance-operator@sha256:ec2319366b7125b96f99a6bc2b55e4f288aabb1f7474ced9a5bac092677b1bcc_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-marker@sha256:c119b9d4be1b885ab6cd1da5a9cddc862549060f9321a3d9f1f4daa0b7ff24ff_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:c119b9d4be1b885ab6cd1da5a9cddc862549060f9321a3d9f1f4daa0b7ff24ff_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-marker@sha256:c119b9d4be1b885ab6cd1da5a9cddc862549060f9321a3d9f1f4daa0b7ff24ff_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/ovs-cni-plugin@sha256:b93deb2d624cb2289e3b558fa07b91c26bf674559243faa82f0f69e83347fcad_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:b93deb2d624cb2289e3b558fa07b91c26bf674559243faa82f0f69e83347fcad_amd64"
},
"product_reference": "container-native-virtualization/ovs-cni-plugin@sha256:b93deb2d624cb2289e3b558fa07b91c26bf674559243faa82f0f69e83347fcad_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-api@sha256:0252b6f9b2052977775cfebedf4e16cddf4484e00969180ac14da9de7b1af6e1_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:0252b6f9b2052977775cfebedf4e16cddf4484e00969180ac14da9de7b1af6e1_amd64"
},
"product_reference": "container-native-virtualization/virt-api@sha256:0252b6f9b2052977775cfebedf4e16cddf4484e00969180ac14da9de7b1af6e1_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-artifacts-server@sha256:446462f4f1500f8ea8837721e26c8b8bbd36aea5eed6c09546f15ad314fd0f1e_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:446462f4f1500f8ea8837721e26c8b8bbd36aea5eed6c09546f15ad314fd0f1e_amd64"
},
"product_reference": "container-native-virtualization/virt-artifacts-server@sha256:446462f4f1500f8ea8837721e26c8b8bbd36aea5eed6c09546f15ad314fd0f1e_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-apiserver@sha256:ee809f60e35767b1755955761e16ffeaff6025d07ed73fc9ea6b66cf064177f6_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:ee809f60e35767b1755955761e16ffeaff6025d07ed73fc9ea6b66cf064177f6_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-apiserver@sha256:ee809f60e35767b1755955761e16ffeaff6025d07ed73fc9ea6b66cf064177f6_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-cloner@sha256:a25b6cd4be57511338a414e1a5247745e1a7b3beb528945c9389eec473d57a19_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:a25b6cd4be57511338a414e1a5247745e1a7b3beb528945c9389eec473d57a19_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-cloner@sha256:a25b6cd4be57511338a414e1a5247745e1a7b3beb528945c9389eec473d57a19_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-controller@sha256:4a6d2ca39c487e317c6a88f3ab30ad94b56ec996da82f0ca85b202334df46770_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:4a6d2ca39c487e317c6a88f3ab30ad94b56ec996da82f0ca85b202334df46770_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-controller@sha256:4a6d2ca39c487e317c6a88f3ab30ad94b56ec996da82f0ca85b202334df46770_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-importer@sha256:b842957a75980e747916d3d83651c5bbb45b3d6bc81e28c2455cd783f7e768aa_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:b842957a75980e747916d3d83651c5bbb45b3d6bc81e28c2455cd783f7e768aa_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-importer@sha256:b842957a75980e747916d3d83651c5bbb45b3d6bc81e28c2455cd783f7e768aa_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-operator@sha256:77fe54aacce1789c4619b645ea5a9f9cc353f2e18db438aa785cd60065852071_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:77fe54aacce1789c4619b645ea5a9f9cc353f2e18db438aa785cd60065852071_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-operator@sha256:77fe54aacce1789c4619b645ea5a9f9cc353f2e18db438aa785cd60065852071_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:def07c859fccb197606115700a6da314c786ece914ed4907dafe54ba94427e8a_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:def07c859fccb197606115700a6da314c786ece914ed4907dafe54ba94427e8a_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadproxy@sha256:def07c859fccb197606115700a6da314c786ece914ed4907dafe54ba94427e8a_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-cdi-uploadserver@sha256:a2458bf4fabb6950f22c61f8fd3f34222d9fdbbd5cedf3c7852dcb87a145df7f_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:a2458bf4fabb6950f22c61f8fd3f34222d9fdbbd5cedf3c7852dcb87a145df7f_amd64"
},
"product_reference": "container-native-virtualization/virt-cdi-uploadserver@sha256:a2458bf4fabb6950f22c61f8fd3f34222d9fdbbd5cedf3c7852dcb87a145df7f_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-controller@sha256:18fc5a4b5fe3d5d0a144ca4d9f51ac9c445025ab4d2d0a3f0a4996f5ac58d725_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:18fc5a4b5fe3d5d0a144ca4d9f51ac9c445025ab4d2d0a3f0a4996f5ac58d725_amd64"
},
"product_reference": "container-native-virtualization/virt-controller@sha256:18fc5a4b5fe3d5d0a144ca4d9f51ac9c445025ab4d2d0a3f0a4996f5ac58d725_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-handler@sha256:348d1c698ad05dc4d39548b4b79fa9643e15c507acfffdd41772830dac9c0e4c_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:348d1c698ad05dc4d39548b4b79fa9643e15c507acfffdd41772830dac9c0e4c_amd64"
},
"product_reference": "container-native-virtualization/virt-handler@sha256:348d1c698ad05dc4d39548b4b79fa9643e15c507acfffdd41772830dac9c0e4c_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-launcher@sha256:182d9a84f3aa15aedd1305b025997b115baf535b1334d5fabc2f7d34ca53613d_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:182d9a84f3aa15aedd1305b025997b115baf535b1334d5fabc2f7d34ca53613d_amd64"
},
"product_reference": "container-native-virtualization/virt-launcher@sha256:182d9a84f3aa15aedd1305b025997b115baf535b1334d5fabc2f7d34ca53613d_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virt-operator@sha256:98e85fbcb207fada1ead3da157aba01ffbd7ed4773701e7e113c1d21849e8570_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:98e85fbcb207fada1ead3da157aba01ffbd7ed4773701e7e113c1d21849e8570_amd64"
},
"product_reference": "container-native-virtualization/virt-operator@sha256:98e85fbcb207fada1ead3da157aba01ffbd7ed4773701e7e113c1d21849e8570_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/virtio-win@sha256:d61b757b9fa3e2fe3f3fc545912bdb21209f331027f363c4a0a4f57b880363e3_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:d61b757b9fa3e2fe3f3fc545912bdb21209f331027f363c4a0a4f57b880363e3_amd64"
},
"product_reference": "container-native-virtualization/virtio-win@sha256:d61b757b9fa3e2fe3f3fc545912bdb21209f331027f363c4a0a4f57b880363e3_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:b8e15d5243e5f89877dbd320df3515163c288e16232b9ef1fb8719bd122ff16f_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:b8e15d5243e5f89877dbd320df3515163c288e16232b9ef1fb8719bd122ff16f_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller-rhel8@sha256:b8e15d5243e5f89877dbd320df3515163c288e16232b9ef1fb8719bd122ff16f_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:d55219af6e3d6962fc59de4f6f11eed7d0205bbe36d6ba7f03c74eba0881373f_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:d55219af6e3d6962fc59de4f6f11eed7d0205bbe36d6ba7f03c74eba0881373f_amd64"
},
"product_reference": "container-native-virtualization/vm-import-operator-rhel8@sha256:d55219af6e3d6962fc59de4f6f11eed7d0205bbe36d6ba7f03c74eba0881373f_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8276c4ea2a2f487ce7dfb8469061efd4a9834fde8e9a58e4b43781c09d49d87c_amd64 as a component of CNV 4.9 for RHEL 8",
"product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8276c4ea2a2f487ce7dfb8469061efd4a9834fde8e9a58e4b43781c09d49d87c_amd64"
},
"product_reference": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8276c4ea2a2f487ce7dfb8469061efd4a9834fde8e9a58e4b43781c09d49d87c_amd64",
"relates_to_product_reference": "8Base-CNV-4.9"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Oliver Brooks and James Klopchic"
],
"organization": "NCC Group"
}
],
"cve": "CVE-2022-1798",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-08-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:e1d3caa39c5392fe57f7e4308c9957248559457e61daf87a0e66d998e658dc97_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:9e07f1ab0e89ed31a4bc7546664fa8ea6ed5a5c78f5e71205892fd64c83d3727_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:64a1b3efe2bf641c746050d65e7e4bd812111537c05710a45029b25f069160d3_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:2d9ad446a2c7a26520b2a280580d39d02d96160d58b769c8832f31ebb9c9b51f_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:923fa16632843dd65fa4b4312c737eaf999ae44fb9b8c72016c8c65ce531385b_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:5e348c3ca2ec93f22cdf246c3b9293fbba1ac2ef4b8a286c516971e4741a23bc_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:efe2190ed6477fa289187de61064054290a984601a40bc7a7aaa714ceef41e90_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:2fd2bc99e04dde37b46a438ba881a81e0c558dcbd19681a1b927e0647dced419_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:56dec5123de6a1e09813a39e22294eb1b1ed4c00a11c0c2719b20cf944be3d3a_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:48afb12b1adddf71f98a30960f0a06a6a8920d2fb8aa521af482eb60efd086f6_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:eff6902a5ae27ea85ea75a0842cb45e106285eb02456f34c377f16ad8752d8e3_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:a6882fad978b6df2abe21bd6b67987fdcedb767487dfd980c40d465680ebb85e_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:99005cdab8cd6ec64fa0b5074191f859b55519b9c24a06f764919d5dd655cda3_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:96126128d66f8b390c5b135e404c75bd06a9fa4c8f637dc991a2358e63393a3b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:b5cfc061df65f6ee82fb792b063166be21426422093a8b99845329fd243f77ba_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:51f80ce494533681efe96d9c7ef0f3aca2cf3c4a919469eab6aef6c1d74a8c44_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:ec2319366b7125b96f99a6bc2b55e4f288aabb1f7474ced9a5bac092677b1bcc_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:c119b9d4be1b885ab6cd1da5a9cddc862549060f9321a3d9f1f4daa0b7ff24ff_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:b93deb2d624cb2289e3b558fa07b91c26bf674559243faa82f0f69e83347fcad_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:ee809f60e35767b1755955761e16ffeaff6025d07ed73fc9ea6b66cf064177f6_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:a25b6cd4be57511338a414e1a5247745e1a7b3beb528945c9389eec473d57a19_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:4a6d2ca39c487e317c6a88f3ab30ad94b56ec996da82f0ca85b202334df46770_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:b842957a75980e747916d3d83651c5bbb45b3d6bc81e28c2455cd783f7e768aa_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:77fe54aacce1789c4619b645ea5a9f9cc353f2e18db438aa785cd60065852071_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:def07c859fccb197606115700a6da314c786ece914ed4907dafe54ba94427e8a_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:a2458bf4fabb6950f22c61f8fd3f34222d9fdbbd5cedf3c7852dcb87a145df7f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:d61b757b9fa3e2fe3f3fc545912bdb21209f331027f363c4a0a4f57b880363e3_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:b8e15d5243e5f89877dbd320df3515163c288e16232b9ef1fb8719bd122ff16f_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:d55219af6e3d6962fc59de4f6f11eed7d0205bbe36d6ba7f03c74eba0881373f_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8276c4ea2a2f487ce7dfb8469061efd4a9834fde8e9a58e4b43781c09d49d87c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2117872"
}
],
"notes": [
{
"category": "description",
"text": "An arbitrary file read vulnerability was found in the kubeVirt API. This flaw makes it possible to use the kubeVirt API to provide access to host files (like /etc/passwd, for example) in a KubeVirt VM as a disk device that can be written to and read from.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubeVirt: Arbitrary file read on the host from KubeVirt VMs",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:0252b6f9b2052977775cfebedf4e16cddf4484e00969180ac14da9de7b1af6e1_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:446462f4f1500f8ea8837721e26c8b8bbd36aea5eed6c09546f15ad314fd0f1e_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:18fc5a4b5fe3d5d0a144ca4d9f51ac9c445025ab4d2d0a3f0a4996f5ac58d725_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:348d1c698ad05dc4d39548b4b79fa9643e15c507acfffdd41772830dac9c0e4c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:182d9a84f3aa15aedd1305b025997b115baf535b1334d5fabc2f7d34ca53613d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:98e85fbcb207fada1ead3da157aba01ffbd7ed4773701e7e113c1d21849e8570_amd64"
],
"known_not_affected": [
"8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:e1d3caa39c5392fe57f7e4308c9957248559457e61daf87a0e66d998e658dc97_amd64",
"8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:9e07f1ab0e89ed31a4bc7546664fa8ea6ed5a5c78f5e71205892fd64c83d3727_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:64a1b3efe2bf641c746050d65e7e4bd812111537c05710a45029b25f069160d3_amd64",
"8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:2d9ad446a2c7a26520b2a280580d39d02d96160d58b769c8832f31ebb9c9b51f_amd64",
"8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:923fa16632843dd65fa4b4312c737eaf999ae44fb9b8c72016c8c65ce531385b_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:5e348c3ca2ec93f22cdf246c3b9293fbba1ac2ef4b8a286c516971e4741a23bc_amd64",
"8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:efe2190ed6477fa289187de61064054290a984601a40bc7a7aaa714ceef41e90_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:2fd2bc99e04dde37b46a438ba881a81e0c558dcbd19681a1b927e0647dced419_amd64",
"8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:56dec5123de6a1e09813a39e22294eb1b1ed4c00a11c0c2719b20cf944be3d3a_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:48afb12b1adddf71f98a30960f0a06a6a8920d2fb8aa521af482eb60efd086f6_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:eff6902a5ae27ea85ea75a0842cb45e106285eb02456f34c377f16ad8752d8e3_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:a6882fad978b6df2abe21bd6b67987fdcedb767487dfd980c40d465680ebb85e_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:99005cdab8cd6ec64fa0b5074191f859b55519b9c24a06f764919d5dd655cda3_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:96126128d66f8b390c5b135e404c75bd06a9fa4c8f637dc991a2358e63393a3b_amd64",
"8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:b5cfc061df65f6ee82fb792b063166be21426422093a8b99845329fd243f77ba_amd64",
"8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:51f80ce494533681efe96d9c7ef0f3aca2cf3c4a919469eab6aef6c1d74a8c44_amd64",
"8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:ec2319366b7125b96f99a6bc2b55e4f288aabb1f7474ced9a5bac092677b1bcc_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:c119b9d4be1b885ab6cd1da5a9cddc862549060f9321a3d9f1f4daa0b7ff24ff_amd64",
"8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:b93deb2d624cb2289e3b558fa07b91c26bf674559243faa82f0f69e83347fcad_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:ee809f60e35767b1755955761e16ffeaff6025d07ed73fc9ea6b66cf064177f6_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:a25b6cd4be57511338a414e1a5247745e1a7b3beb528945c9389eec473d57a19_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:4a6d2ca39c487e317c6a88f3ab30ad94b56ec996da82f0ca85b202334df46770_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:b842957a75980e747916d3d83651c5bbb45b3d6bc81e28c2455cd783f7e768aa_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:77fe54aacce1789c4619b645ea5a9f9cc353f2e18db438aa785cd60065852071_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:def07c859fccb197606115700a6da314c786ece914ed4907dafe54ba94427e8a_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:a2458bf4fabb6950f22c61f8fd3f34222d9fdbbd5cedf3c7852dcb87a145df7f_amd64",
"8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:d61b757b9fa3e2fe3f3fc545912bdb21209f331027f363c4a0a4f57b880363e3_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:b8e15d5243e5f89877dbd320df3515163c288e16232b9ef1fb8719bd122ff16f_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:d55219af6e3d6962fc59de4f6f11eed7d0205bbe36d6ba7f03c74eba0881373f_amd64",
"8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:8276c4ea2a2f487ce7dfb8469061efd4a9834fde8e9a58e4b43781c09d49d87c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-1798"
},
{
"category": "external",
"summary": "RHBZ#2117872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2117872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-1798",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1798"
},
{
"category": "external",
"summary": "https://github.com/google/security-research/security/advisories/GHSA-cvx8-ppmc-78hm",
"url": "https://github.com/google/security-research/security/advisories/GHSA-cvx8-ppmc-78hm"
}
],
"release_date": "2022-08-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-09-22T08:16:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:0252b6f9b2052977775cfebedf4e16cddf4484e00969180ac14da9de7b1af6e1_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:446462f4f1500f8ea8837721e26c8b8bbd36aea5eed6c09546f15ad314fd0f1e_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:18fc5a4b5fe3d5d0a144ca4d9f51ac9c445025ab4d2d0a3f0a4996f5ac58d725_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:348d1c698ad05dc4d39548b4b79fa9643e15c507acfffdd41772830dac9c0e4c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:182d9a84f3aa15aedd1305b025997b115baf535b1334d5fabc2f7d34ca53613d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:98e85fbcb207fada1ead3da157aba01ffbd7ed4773701e7e113c1d21849e8570_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:6681"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:0252b6f9b2052977775cfebedf4e16cddf4484e00969180ac14da9de7b1af6e1_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:446462f4f1500f8ea8837721e26c8b8bbd36aea5eed6c09546f15ad314fd0f1e_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:18fc5a4b5fe3d5d0a144ca4d9f51ac9c445025ab4d2d0a3f0a4996f5ac58d725_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:348d1c698ad05dc4d39548b4b79fa9643e15c507acfffdd41772830dac9c0e4c_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:182d9a84f3aa15aedd1305b025997b115baf535b1334d5fabc2f7d34ca53613d_amd64",
"8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:98e85fbcb207fada1ead3da157aba01ffbd7ed4773701e7e113c1d21849e8570_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kubeVirt: Arbitrary file read on the host from KubeVirt VMs"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…