rhsa-2022_8609
Vulnerability from csaf_redhat
Published
2022-11-22 19:03
Modified
2024-11-25 08:02
Summary
Red Hat Security Advisory: OpenShift Virtualization 4.9.7 Images security update

Notes

Topic
Red Hat OpenShift Virtualization release 4.9.7 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.9.7 images. Security Fix(es): * go-restful: Authorization Bypass Through User-Controlled Key (CVE-2022-1996) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Virtualization release 4.9.7 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains OpenShift Virtualization 4.9.7 images.\n\nSecurity Fix(es):\n\n* go-restful: Authorization Bypass Through User-Controlled Key (CVE-2022-1996)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2022:8609",
        "url": "https://access.redhat.com/errata/RHSA-2022:8609"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2094982",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094982"
      },
      {
        "category": "external",
        "summary": "2130218",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130218"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8609.json"
      }
    ],
    "title": "Red Hat Security Advisory: OpenShift Virtualization 4.9.7 Images security update",
    "tracking": {
      "current_release_date": "2024-11-25T08:02:35+00:00",
      "generator": {
        "date": "2024-11-25T08:02:35+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2022:8609",
      "initial_release_date": "2022-11-22T19:03:41+00:00",
      "revision_history": [
        {
          "date": "2022-11-22T19:03:41+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2022-11-22T19:03:41+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-25T08:02:35+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "CNV 4.9 for RHEL 8",
                "product": {
                  "name": "CNV 4.9 for RHEL 8",
                  "product_id": "8Base-CNV-4.9",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:container_native_virtualization:4.9::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "OpenShift Virtualization"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "container-native-virtualization/bridge-marker@sha256:95f6b48f3b497ff38ce618b7461d415b8b1c93822dac22635ee72b7189f61489_amd64",
                "product": {
                  "name": "container-native-virtualization/bridge-marker@sha256:95f6b48f3b497ff38ce618b7461d415b8b1c93822dac22635ee72b7189f61489_amd64",
                  "product_id": "container-native-virtualization/bridge-marker@sha256:95f6b48f3b497ff38ce618b7461d415b8b1c93822dac22635ee72b7189f61489_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/bridge-marker@sha256:95f6b48f3b497ff38ce618b7461d415b8b1c93822dac22635ee72b7189f61489?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/bridge-marker\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/cluster-network-addons-operator@sha256:d3d5a9547632ce7c84deffb2ef5e6c6728462e24b89ddfc0ad925a762c356820_amd64",
                "product": {
                  "name": "container-native-virtualization/cluster-network-addons-operator@sha256:d3d5a9547632ce7c84deffb2ef5e6c6728462e24b89ddfc0ad925a762c356820_amd64",
                  "product_id": "container-native-virtualization/cluster-network-addons-operator@sha256:d3d5a9547632ce7c84deffb2ef5e6c6728462e24b89ddfc0ad925a762c356820_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cluster-network-addons-operator@sha256:d3d5a9547632ce7c84deffb2ef5e6c6728462e24b89ddfc0ad925a762c356820?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cluster-network-addons-operator\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:b5b65faeedf99f08ca151552678dde8348292b97cfdfb1d2fef89ef8390c8a12_amd64",
                "product": {
                  "name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:b5b65faeedf99f08ca151552678dde8348292b97cfdfb1d2fef89ef8390c8a12_amd64",
                  "product_id": "container-native-virtualization/cnv-containernetworking-plugins@sha256:b5b65faeedf99f08ca151552678dde8348292b97cfdfb1d2fef89ef8390c8a12_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cnv-containernetworking-plugins@sha256:b5b65faeedf99f08ca151552678dde8348292b97cfdfb1d2fef89ef8390c8a12?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-containernetworking-plugins\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:db3d06df3dab3a08dd3c404a61c616ad5b7ab3972109fd9ef72a9acf309cfdb6_amd64",
                "product": {
                  "name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:db3d06df3dab3a08dd3c404a61c616ad5b7ab3972109fd9ef72a9acf309cfdb6_amd64",
                  "product_id": "container-native-virtualization/cnv-must-gather-rhel8@sha256:db3d06df3dab3a08dd3c404a61c616ad5b7ab3972109fd9ef72a9acf309cfdb6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/cnv-must-gather-rhel8@sha256:db3d06df3dab3a08dd3c404a61c616ad5b7ab3972109fd9ef72a9acf309cfdb6?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/cnv-must-gather-rhel8\u0026tag=v4.9.7-9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hco-bundle-registry@sha256:eb1542e163a1e119457c1468accf8f60a0b5a934d9059728e6059ad4f2b24cf0_amd64",
                "product": {
                  "name": "container-native-virtualization/hco-bundle-registry@sha256:eb1542e163a1e119457c1468accf8f60a0b5a934d9059728e6059ad4f2b24cf0_amd64",
                  "product_id": "container-native-virtualization/hco-bundle-registry@sha256:eb1542e163a1e119457c1468accf8f60a0b5a934d9059728e6059ad4f2b24cf0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hco-bundle-registry@sha256:eb1542e163a1e119457c1468accf8f60a0b5a934d9059728e6059ad4f2b24cf0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hco-bundle-registry\u0026tag=v4.9.7-50"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:25f308ffaafcc1d1216bb90c566713a2873411bd000c9b360cbc9397d0d95a25_amd64",
                "product": {
                  "name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:25f308ffaafcc1d1216bb90c566713a2873411bd000c9b360cbc9397d0d95a25_amd64",
                  "product_id": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:25f308ffaafcc1d1216bb90c566713a2873411bd000c9b360cbc9397d0d95a25_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hostpath-provisioner-rhel8@sha256:25f308ffaafcc1d1216bb90c566713a2873411bd000c9b360cbc9397d0d95a25?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8\u0026tag=v4.9.7-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:d77bd51acb92723b5ee72a3ea9a171c14294014e1cd793bd4e88cd9e5a4bd2d0_amd64",
                "product": {
                  "name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:d77bd51acb92723b5ee72a3ea9a171c14294014e1cd793bd4e88cd9e5a4bd2d0_amd64",
                  "product_id": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:d77bd51acb92723b5ee72a3ea9a171c14294014e1cd793bd4e88cd9e5a4bd2d0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hostpath-provisioner-rhel8-operator@sha256:d77bd51acb92723b5ee72a3ea9a171c14294014e1cd793bd4e88cd9e5a4bd2d0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hostpath-provisioner-rhel8-operator\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:00a5c0e1db2d38bc260c28ea661e12672a87fabdb31fbea44918e7c78fd9385a_amd64",
                "product": {
                  "name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:00a5c0e1db2d38bc260c28ea661e12672a87fabdb31fbea44918e7c78fd9385a_amd64",
                  "product_id": "container-native-virtualization/hyperconverged-cluster-operator@sha256:00a5c0e1db2d38bc260c28ea661e12672a87fabdb31fbea44918e7c78fd9385a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hyperconverged-cluster-operator@sha256:00a5c0e1db2d38bc260c28ea661e12672a87fabdb31fbea44918e7c78fd9385a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-operator\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:b46b59a2c62bf467ff7113fbd40abffefdfa73ef1762ed793fc426b1f264167a_amd64",
                "product": {
                  "name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:b46b59a2c62bf467ff7113fbd40abffefdfa73ef1762ed793fc426b1f264167a_amd64",
                  "product_id": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:b46b59a2c62bf467ff7113fbd40abffefdfa73ef1762ed793fc426b1f264167a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/hyperconverged-cluster-webhook-rhel8@sha256:b46b59a2c62bf467ff7113fbd40abffefdfa73ef1762ed793fc426b1f264167a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/hyperconverged-cluster-webhook-rhel8\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubemacpool@sha256:80caea580f582930b274619bda7628d945215a44c727f3097cdf146c03908452_amd64",
                "product": {
                  "name": "container-native-virtualization/kubemacpool@sha256:80caea580f582930b274619bda7628d945215a44c727f3097cdf146c03908452_amd64",
                  "product_id": "container-native-virtualization/kubemacpool@sha256:80caea580f582930b274619bda7628d945215a44c727f3097cdf146c03908452_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubemacpool@sha256:80caea580f582930b274619bda7628d945215a44c727f3097cdf146c03908452?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubemacpool\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:c79fbbe514a1879cc33eaf16225d56fe8d15b14bf2f334c7e82861298b63da85_amd64",
                "product": {
                  "name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:c79fbbe514a1879cc33eaf16225d56fe8d15b14bf2f334c7e82861298b63da85_amd64",
                  "product_id": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:c79fbbe514a1879cc33eaf16225d56fe8d15b14bf2f334c7e82861298b63da85_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubernetes-nmstate-handler-rhel8@sha256:c79fbbe514a1879cc33eaf16225d56fe8d15b14bf2f334c7e82861298b63da85?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubernetes-nmstate-handler-rhel8\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-ssp-operator@sha256:05c43b71617165ad3763c85f96e2fcee6a1ba43474972636130365f149eb2273_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-ssp-operator@sha256:05c43b71617165ad3763c85f96e2fcee6a1ba43474972636130365f149eb2273_amd64",
                  "product_id": "container-native-virtualization/kubevirt-ssp-operator@sha256:05c43b71617165ad3763c85f96e2fcee6a1ba43474972636130365f149eb2273_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-ssp-operator@sha256:05c43b71617165ad3763c85f96e2fcee6a1ba43474972636130365f149eb2273?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-ssp-operator\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-template-validator@sha256:a4368df767657c16b81652b14da5768a03a590e70bc0f694e64e5ef815884443_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-template-validator@sha256:a4368df767657c16b81652b14da5768a03a590e70bc0f694e64e5ef815884443_amd64",
                  "product_id": "container-native-virtualization/kubevirt-template-validator@sha256:a4368df767657c16b81652b14da5768a03a590e70bc0f694e64e5ef815884443_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-template-validator@sha256:a4368df767657c16b81652b14da5768a03a590e70bc0f694e64e5ef815884443?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-template-validator\u0026tag=v4.9.7-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:215c25601c8f1249550365048d6eee4a76419b1a5f6e3b8ff9562db7d60753b7_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:215c25601c8f1249550365048d6eee4a76419b1a5f6e3b8ff9562db7d60753b7_amd64",
                  "product_id": "container-native-virtualization/kubevirt-v2v-conversion@sha256:215c25601c8f1249550365048d6eee4a76419b1a5f6e3b8ff9562db7d60753b7_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-v2v-conversion@sha256:215c25601c8f1249550365048d6eee4a76419b1a5f6e3b8ff9562db7d60753b7?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-v2v-conversion\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/kubevirt-vmware@sha256:56bde1a5ae607a58c6d01b3ca4068fe3c9c1d9e0e72b2fd0d1279dd686647d4d_amd64",
                "product": {
                  "name": "container-native-virtualization/kubevirt-vmware@sha256:56bde1a5ae607a58c6d01b3ca4068fe3c9c1d9e0e72b2fd0d1279dd686647d4d_amd64",
                  "product_id": "container-native-virtualization/kubevirt-vmware@sha256:56bde1a5ae607a58c6d01b3ca4068fe3c9c1d9e0e72b2fd0d1279dd686647d4d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/kubevirt-vmware@sha256:56bde1a5ae607a58c6d01b3ca4068fe3c9c1d9e0e72b2fd0d1279dd686647d4d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-vmware\u0026tag=v4.9.7-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/libguestfs-tools@sha256:8abb932a507e2db69b68127a290a830878a3542f0b6816efa18ffeee91b189db_amd64",
                "product": {
                  "name": "container-native-virtualization/libguestfs-tools@sha256:8abb932a507e2db69b68127a290a830878a3542f0b6816efa18ffeee91b189db_amd64",
                  "product_id": "container-native-virtualization/libguestfs-tools@sha256:8abb932a507e2db69b68127a290a830878a3542f0b6816efa18ffeee91b189db_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/libguestfs-tools@sha256:8abb932a507e2db69b68127a290a830878a3542f0b6816efa18ffeee91b189db?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/libguestfs-tools\u0026tag=v4.9.7-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/node-maintenance-operator@sha256:5cec54c0ff91d6bbc7c6a59a873703c5d05359beb7f2a7933f8125866fd9e0dd_amd64",
                "product": {
                  "name": "container-native-virtualization/node-maintenance-operator@sha256:5cec54c0ff91d6bbc7c6a59a873703c5d05359beb7f2a7933f8125866fd9e0dd_amd64",
                  "product_id": "container-native-virtualization/node-maintenance-operator@sha256:5cec54c0ff91d6bbc7c6a59a873703c5d05359beb7f2a7933f8125866fd9e0dd_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/node-maintenance-operator@sha256:5cec54c0ff91d6bbc7c6a59a873703c5d05359beb7f2a7933f8125866fd9e0dd?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/node-maintenance-operator\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/ovs-cni-marker@sha256:26ab4f997a9679a0316bb5b3f7fd4336e42737ac221b38500b24cebe07dbf037_amd64",
                "product": {
                  "name": "container-native-virtualization/ovs-cni-marker@sha256:26ab4f997a9679a0316bb5b3f7fd4336e42737ac221b38500b24cebe07dbf037_amd64",
                  "product_id": "container-native-virtualization/ovs-cni-marker@sha256:26ab4f997a9679a0316bb5b3f7fd4336e42737ac221b38500b24cebe07dbf037_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ovs-cni-marker@sha256:26ab4f997a9679a0316bb5b3f7fd4336e42737ac221b38500b24cebe07dbf037?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-marker\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/ovs-cni-plugin@sha256:ae35f9d9c9a31d54e005009f70e9317d3f57fd71cacaa7919e534d6e16bd485a_amd64",
                "product": {
                  "name": "container-native-virtualization/ovs-cni-plugin@sha256:ae35f9d9c9a31d54e005009f70e9317d3f57fd71cacaa7919e534d6e16bd485a_amd64",
                  "product_id": "container-native-virtualization/ovs-cni-plugin@sha256:ae35f9d9c9a31d54e005009f70e9317d3f57fd71cacaa7919e534d6e16bd485a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/ovs-cni-plugin@sha256:ae35f9d9c9a31d54e005009f70e9317d3f57fd71cacaa7919e534d6e16bd485a?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/ovs-cni-plugin\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-api@sha256:37ebc772387b400029c0c15cf564dfb3b9d9478e7354522e6038cb98cd42303e_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-api@sha256:37ebc772387b400029c0c15cf564dfb3b9d9478e7354522e6038cb98cd42303e_amd64",
                  "product_id": "container-native-virtualization/virt-api@sha256:37ebc772387b400029c0c15cf564dfb3b9d9478e7354522e6038cb98cd42303e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-api@sha256:37ebc772387b400029c0c15cf564dfb3b9d9478e7354522e6038cb98cd42303e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-api\u0026tag=v4.9.7-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-artifacts-server@sha256:7ed7085b8c1266553a0fcc2a52fd03f4139d2929dc05885b3c4b8c2b5809e000_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-artifacts-server@sha256:7ed7085b8c1266553a0fcc2a52fd03f4139d2929dc05885b3c4b8c2b5809e000_amd64",
                  "product_id": "container-native-virtualization/virt-artifacts-server@sha256:7ed7085b8c1266553a0fcc2a52fd03f4139d2929dc05885b3c4b8c2b5809e000_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-artifacts-server@sha256:7ed7085b8c1266553a0fcc2a52fd03f4139d2929dc05885b3c4b8c2b5809e000?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-artifacts-server\u0026tag=v4.9.7-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-apiserver@sha256:a9767ca3a53e0dab656d334cc97e9496f40ab82535bdceec320c5048e6de89c8_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-apiserver@sha256:a9767ca3a53e0dab656d334cc97e9496f40ab82535bdceec320c5048e6de89c8_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-apiserver@sha256:a9767ca3a53e0dab656d334cc97e9496f40ab82535bdceec320c5048e6de89c8_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-apiserver@sha256:a9767ca3a53e0dab656d334cc97e9496f40ab82535bdceec320c5048e6de89c8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-apiserver\u0026tag=v4.9.7-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-cloner@sha256:23cbe943a4b21b2226b4e8f638b17a45fc306b19f06f1c67a23768abfeca2e87_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-cloner@sha256:23cbe943a4b21b2226b4e8f638b17a45fc306b19f06f1c67a23768abfeca2e87_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-cloner@sha256:23cbe943a4b21b2226b4e8f638b17a45fc306b19f06f1c67a23768abfeca2e87_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-cloner@sha256:23cbe943a4b21b2226b4e8f638b17a45fc306b19f06f1c67a23768abfeca2e87?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-cloner\u0026tag=v4.9.7-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-controller@sha256:0e26d1b45c7bf62470d14c01d75d9de349239e8450888017209ca496985457c0_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-controller@sha256:0e26d1b45c7bf62470d14c01d75d9de349239e8450888017209ca496985457c0_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-controller@sha256:0e26d1b45c7bf62470d14c01d75d9de349239e8450888017209ca496985457c0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-controller@sha256:0e26d1b45c7bf62470d14c01d75d9de349239e8450888017209ca496985457c0?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-controller\u0026tag=v4.9.7-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-importer@sha256:6e6732ea9720213d635a250c3545e5c9b0a8a3b6943184e9734e0ada7d0a02a2_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-importer@sha256:6e6732ea9720213d635a250c3545e5c9b0a8a3b6943184e9734e0ada7d0a02a2_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-importer@sha256:6e6732ea9720213d635a250c3545e5c9b0a8a3b6943184e9734e0ada7d0a02a2_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-importer@sha256:6e6732ea9720213d635a250c3545e5c9b0a8a3b6943184e9734e0ada7d0a02a2?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-importer\u0026tag=v4.9.7-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-operator@sha256:59063046badee8e32d93a11a66de46c2a571705947f5227c8e5527c3d35e1f47_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-operator@sha256:59063046badee8e32d93a11a66de46c2a571705947f5227c8e5527c3d35e1f47_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-operator@sha256:59063046badee8e32d93a11a66de46c2a571705947f5227c8e5527c3d35e1f47_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-operator@sha256:59063046badee8e32d93a11a66de46c2a571705947f5227c8e5527c3d35e1f47?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-operator\u0026tag=v4.9.7-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:e75699436dad9bdaa192c4574e9fcab781566d326df66c17146c304f05f361a1_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:e75699436dad9bdaa192c4574e9fcab781566d326df66c17146c304f05f361a1_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-uploadproxy@sha256:e75699436dad9bdaa192c4574e9fcab781566d326df66c17146c304f05f361a1_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-uploadproxy@sha256:e75699436dad9bdaa192c4574e9fcab781566d326df66c17146c304f05f361a1?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadproxy\u0026tag=v4.9.7-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-cdi-uploadserver@sha256:45e423cc38118b03fd694006b8aa284b4724083d0e1757b1f76420f00696675c_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-cdi-uploadserver@sha256:45e423cc38118b03fd694006b8aa284b4724083d0e1757b1f76420f00696675c_amd64",
                  "product_id": "container-native-virtualization/virt-cdi-uploadserver@sha256:45e423cc38118b03fd694006b8aa284b4724083d0e1757b1f76420f00696675c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-cdi-uploadserver@sha256:45e423cc38118b03fd694006b8aa284b4724083d0e1757b1f76420f00696675c?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-cdi-uploadserver\u0026tag=v4.9.7-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-controller@sha256:aa2e77638b4934b2c03a79d1e7eb52463fb9a477ab2a355c45df62abdba2eb04_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-controller@sha256:aa2e77638b4934b2c03a79d1e7eb52463fb9a477ab2a355c45df62abdba2eb04_amd64",
                  "product_id": "container-native-virtualization/virt-controller@sha256:aa2e77638b4934b2c03a79d1e7eb52463fb9a477ab2a355c45df62abdba2eb04_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-controller@sha256:aa2e77638b4934b2c03a79d1e7eb52463fb9a477ab2a355c45df62abdba2eb04?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-controller\u0026tag=v4.9.7-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-handler@sha256:6b3fc523db1aded511e39e8da797d688b925fcc829d85d940b44589698a70ba7_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-handler@sha256:6b3fc523db1aded511e39e8da797d688b925fcc829d85d940b44589698a70ba7_amd64",
                  "product_id": "container-native-virtualization/virt-handler@sha256:6b3fc523db1aded511e39e8da797d688b925fcc829d85d940b44589698a70ba7_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-handler@sha256:6b3fc523db1aded511e39e8da797d688b925fcc829d85d940b44589698a70ba7?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-handler\u0026tag=v4.9.7-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virtio-win@sha256:b106c2eaea2836dab71d0d0727c4664ec8c6faf3ddc93c6cf696afb22a0821e9_amd64",
                "product": {
                  "name": "container-native-virtualization/virtio-win@sha256:b106c2eaea2836dab71d0d0727c4664ec8c6faf3ddc93c6cf696afb22a0821e9_amd64",
                  "product_id": "container-native-virtualization/virtio-win@sha256:b106c2eaea2836dab71d0d0727c4664ec8c6faf3ddc93c6cf696afb22a0821e9_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virtio-win@sha256:b106c2eaea2836dab71d0d0727c4664ec8c6faf3ddc93c6cf696afb22a0821e9?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virtio-win\u0026tag=v4.9.7-3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-launcher@sha256:1eaacff0e54e7b46740868f53e9095ca483785621c36d748730201057e4b44ea_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-launcher@sha256:1eaacff0e54e7b46740868f53e9095ca483785621c36d748730201057e4b44ea_amd64",
                  "product_id": "container-native-virtualization/virt-launcher@sha256:1eaacff0e54e7b46740868f53e9095ca483785621c36d748730201057e4b44ea_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-launcher@sha256:1eaacff0e54e7b46740868f53e9095ca483785621c36d748730201057e4b44ea?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-launcher\u0026tag=v4.9.7-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/virt-operator@sha256:e793c66c3bd823c89ca6273aeeb60b09d1213c0c68a68a616657ba17b8116ea7_amd64",
                "product": {
                  "name": "container-native-virtualization/virt-operator@sha256:e793c66c3bd823c89ca6273aeeb60b09d1213c0c68a68a616657ba17b8116ea7_amd64",
                  "product_id": "container-native-virtualization/virt-operator@sha256:e793c66c3bd823c89ca6273aeeb60b09d1213c0c68a68a616657ba17b8116ea7_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/virt-operator@sha256:e793c66c3bd823c89ca6273aeeb60b09d1213c0c68a68a616657ba17b8116ea7?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/virt-operator\u0026tag=v4.9.7-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/vm-import-controller-rhel8@sha256:424b4a3bb2dea65e990f1132aeed52683bc6daae1d8cb1e0a11a228a66e2e156_amd64",
                "product": {
                  "name": "container-native-virtualization/vm-import-controller-rhel8@sha256:424b4a3bb2dea65e990f1132aeed52683bc6daae1d8cb1e0a11a228a66e2e156_amd64",
                  "product_id": "container-native-virtualization/vm-import-controller-rhel8@sha256:424b4a3bb2dea65e990f1132aeed52683bc6daae1d8cb1e0a11a228a66e2e156_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/vm-import-controller-rhel8@sha256:424b4a3bb2dea65e990f1132aeed52683bc6daae1d8cb1e0a11a228a66e2e156?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller-rhel8\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/vm-import-operator-rhel8@sha256:8db649e114ccc3aefd1ee74518f3d3d39bbd08160a6208b2a4ff70c61e38b48b_amd64",
                "product": {
                  "name": "container-native-virtualization/vm-import-operator-rhel8@sha256:8db649e114ccc3aefd1ee74518f3d3d39bbd08160a6208b2a4ff70c61e38b48b_amd64",
                  "product_id": "container-native-virtualization/vm-import-operator-rhel8@sha256:8db649e114ccc3aefd1ee74518f3d3d39bbd08160a6208b2a4ff70c61e38b48b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/vm-import-operator-rhel8@sha256:8db649e114ccc3aefd1ee74518f3d3d39bbd08160a6208b2a4ff70c61e38b48b?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-operator-rhel8\u0026tag=v4.9.7-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:4efa6304395bf177335cbc7a2c9d3f56b4ee4a5979591834a9b46281aadae24e_amd64",
                "product": {
                  "name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:4efa6304395bf177335cbc7a2c9d3f56b4ee4a5979591834a9b46281aadae24e_amd64",
                  "product_id": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:4efa6304395bf177335cbc7a2c9d3f56b4ee4a5979591834a9b46281aadae24e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/vm-import-virtv2v-rhel8@sha256:4efa6304395bf177335cbc7a2c9d3f56b4ee4a5979591834a9b46281aadae24e?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-virtv2v-rhel8\u0026tag=v4.9.7-4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/bridge-marker@sha256:95f6b48f3b497ff38ce618b7461d415b8b1c93822dac22635ee72b7189f61489_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:95f6b48f3b497ff38ce618b7461d415b8b1c93822dac22635ee72b7189f61489_amd64"
        },
        "product_reference": "container-native-virtualization/bridge-marker@sha256:95f6b48f3b497ff38ce618b7461d415b8b1c93822dac22635ee72b7189f61489_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/cluster-network-addons-operator@sha256:d3d5a9547632ce7c84deffb2ef5e6c6728462e24b89ddfc0ad925a762c356820_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:d3d5a9547632ce7c84deffb2ef5e6c6728462e24b89ddfc0ad925a762c356820_amd64"
        },
        "product_reference": "container-native-virtualization/cluster-network-addons-operator@sha256:d3d5a9547632ce7c84deffb2ef5e6c6728462e24b89ddfc0ad925a762c356820_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/cnv-containernetworking-plugins@sha256:b5b65faeedf99f08ca151552678dde8348292b97cfdfb1d2fef89ef8390c8a12_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:b5b65faeedf99f08ca151552678dde8348292b97cfdfb1d2fef89ef8390c8a12_amd64"
        },
        "product_reference": "container-native-virtualization/cnv-containernetworking-plugins@sha256:b5b65faeedf99f08ca151552678dde8348292b97cfdfb1d2fef89ef8390c8a12_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/cnv-must-gather-rhel8@sha256:db3d06df3dab3a08dd3c404a61c616ad5b7ab3972109fd9ef72a9acf309cfdb6_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:db3d06df3dab3a08dd3c404a61c616ad5b7ab3972109fd9ef72a9acf309cfdb6_amd64"
        },
        "product_reference": "container-native-virtualization/cnv-must-gather-rhel8@sha256:db3d06df3dab3a08dd3c404a61c616ad5b7ab3972109fd9ef72a9acf309cfdb6_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hco-bundle-registry@sha256:eb1542e163a1e119457c1468accf8f60a0b5a934d9059728e6059ad4f2b24cf0_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:eb1542e163a1e119457c1468accf8f60a0b5a934d9059728e6059ad4f2b24cf0_amd64"
        },
        "product_reference": "container-native-virtualization/hco-bundle-registry@sha256:eb1542e163a1e119457c1468accf8f60a0b5a934d9059728e6059ad4f2b24cf0_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:d77bd51acb92723b5ee72a3ea9a171c14294014e1cd793bd4e88cd9e5a4bd2d0_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:d77bd51acb92723b5ee72a3ea9a171c14294014e1cd793bd4e88cd9e5a4bd2d0_amd64"
        },
        "product_reference": "container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:d77bd51acb92723b5ee72a3ea9a171c14294014e1cd793bd4e88cd9e5a4bd2d0_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:25f308ffaafcc1d1216bb90c566713a2873411bd000c9b360cbc9397d0d95a25_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:25f308ffaafcc1d1216bb90c566713a2873411bd000c9b360cbc9397d0d95a25_amd64"
        },
        "product_reference": "container-native-virtualization/hostpath-provisioner-rhel8@sha256:25f308ffaafcc1d1216bb90c566713a2873411bd000c9b360cbc9397d0d95a25_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hyperconverged-cluster-operator@sha256:00a5c0e1db2d38bc260c28ea661e12672a87fabdb31fbea44918e7c78fd9385a_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:00a5c0e1db2d38bc260c28ea661e12672a87fabdb31fbea44918e7c78fd9385a_amd64"
        },
        "product_reference": "container-native-virtualization/hyperconverged-cluster-operator@sha256:00a5c0e1db2d38bc260c28ea661e12672a87fabdb31fbea44918e7c78fd9385a_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:b46b59a2c62bf467ff7113fbd40abffefdfa73ef1762ed793fc426b1f264167a_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:b46b59a2c62bf467ff7113fbd40abffefdfa73ef1762ed793fc426b1f264167a_amd64"
        },
        "product_reference": "container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:b46b59a2c62bf467ff7113fbd40abffefdfa73ef1762ed793fc426b1f264167a_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubemacpool@sha256:80caea580f582930b274619bda7628d945215a44c727f3097cdf146c03908452_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:80caea580f582930b274619bda7628d945215a44c727f3097cdf146c03908452_amd64"
        },
        "product_reference": "container-native-virtualization/kubemacpool@sha256:80caea580f582930b274619bda7628d945215a44c727f3097cdf146c03908452_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:c79fbbe514a1879cc33eaf16225d56fe8d15b14bf2f334c7e82861298b63da85_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:c79fbbe514a1879cc33eaf16225d56fe8d15b14bf2f334c7e82861298b63da85_amd64"
        },
        "product_reference": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:c79fbbe514a1879cc33eaf16225d56fe8d15b14bf2f334c7e82861298b63da85_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-ssp-operator@sha256:05c43b71617165ad3763c85f96e2fcee6a1ba43474972636130365f149eb2273_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:05c43b71617165ad3763c85f96e2fcee6a1ba43474972636130365f149eb2273_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-ssp-operator@sha256:05c43b71617165ad3763c85f96e2fcee6a1ba43474972636130365f149eb2273_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-template-validator@sha256:a4368df767657c16b81652b14da5768a03a590e70bc0f694e64e5ef815884443_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:a4368df767657c16b81652b14da5768a03a590e70bc0f694e64e5ef815884443_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-template-validator@sha256:a4368df767657c16b81652b14da5768a03a590e70bc0f694e64e5ef815884443_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:215c25601c8f1249550365048d6eee4a76419b1a5f6e3b8ff9562db7d60753b7_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:215c25601c8f1249550365048d6eee4a76419b1a5f6e3b8ff9562db7d60753b7_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-v2v-conversion@sha256:215c25601c8f1249550365048d6eee4a76419b1a5f6e3b8ff9562db7d60753b7_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/kubevirt-vmware@sha256:56bde1a5ae607a58c6d01b3ca4068fe3c9c1d9e0e72b2fd0d1279dd686647d4d_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:56bde1a5ae607a58c6d01b3ca4068fe3c9c1d9e0e72b2fd0d1279dd686647d4d_amd64"
        },
        "product_reference": "container-native-virtualization/kubevirt-vmware@sha256:56bde1a5ae607a58c6d01b3ca4068fe3c9c1d9e0e72b2fd0d1279dd686647d4d_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/libguestfs-tools@sha256:8abb932a507e2db69b68127a290a830878a3542f0b6816efa18ffeee91b189db_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:8abb932a507e2db69b68127a290a830878a3542f0b6816efa18ffeee91b189db_amd64"
        },
        "product_reference": "container-native-virtualization/libguestfs-tools@sha256:8abb932a507e2db69b68127a290a830878a3542f0b6816efa18ffeee91b189db_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/node-maintenance-operator@sha256:5cec54c0ff91d6bbc7c6a59a873703c5d05359beb7f2a7933f8125866fd9e0dd_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:5cec54c0ff91d6bbc7c6a59a873703c5d05359beb7f2a7933f8125866fd9e0dd_amd64"
        },
        "product_reference": "container-native-virtualization/node-maintenance-operator@sha256:5cec54c0ff91d6bbc7c6a59a873703c5d05359beb7f2a7933f8125866fd9e0dd_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/ovs-cni-marker@sha256:26ab4f997a9679a0316bb5b3f7fd4336e42737ac221b38500b24cebe07dbf037_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:26ab4f997a9679a0316bb5b3f7fd4336e42737ac221b38500b24cebe07dbf037_amd64"
        },
        "product_reference": "container-native-virtualization/ovs-cni-marker@sha256:26ab4f997a9679a0316bb5b3f7fd4336e42737ac221b38500b24cebe07dbf037_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/ovs-cni-plugin@sha256:ae35f9d9c9a31d54e005009f70e9317d3f57fd71cacaa7919e534d6e16bd485a_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:ae35f9d9c9a31d54e005009f70e9317d3f57fd71cacaa7919e534d6e16bd485a_amd64"
        },
        "product_reference": "container-native-virtualization/ovs-cni-plugin@sha256:ae35f9d9c9a31d54e005009f70e9317d3f57fd71cacaa7919e534d6e16bd485a_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-api@sha256:37ebc772387b400029c0c15cf564dfb3b9d9478e7354522e6038cb98cd42303e_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:37ebc772387b400029c0c15cf564dfb3b9d9478e7354522e6038cb98cd42303e_amd64"
        },
        "product_reference": "container-native-virtualization/virt-api@sha256:37ebc772387b400029c0c15cf564dfb3b9d9478e7354522e6038cb98cd42303e_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-artifacts-server@sha256:7ed7085b8c1266553a0fcc2a52fd03f4139d2929dc05885b3c4b8c2b5809e000_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:7ed7085b8c1266553a0fcc2a52fd03f4139d2929dc05885b3c4b8c2b5809e000_amd64"
        },
        "product_reference": "container-native-virtualization/virt-artifacts-server@sha256:7ed7085b8c1266553a0fcc2a52fd03f4139d2929dc05885b3c4b8c2b5809e000_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-apiserver@sha256:a9767ca3a53e0dab656d334cc97e9496f40ab82535bdceec320c5048e6de89c8_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:a9767ca3a53e0dab656d334cc97e9496f40ab82535bdceec320c5048e6de89c8_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-apiserver@sha256:a9767ca3a53e0dab656d334cc97e9496f40ab82535bdceec320c5048e6de89c8_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-cloner@sha256:23cbe943a4b21b2226b4e8f638b17a45fc306b19f06f1c67a23768abfeca2e87_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:23cbe943a4b21b2226b4e8f638b17a45fc306b19f06f1c67a23768abfeca2e87_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-cloner@sha256:23cbe943a4b21b2226b4e8f638b17a45fc306b19f06f1c67a23768abfeca2e87_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-controller@sha256:0e26d1b45c7bf62470d14c01d75d9de349239e8450888017209ca496985457c0_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:0e26d1b45c7bf62470d14c01d75d9de349239e8450888017209ca496985457c0_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-controller@sha256:0e26d1b45c7bf62470d14c01d75d9de349239e8450888017209ca496985457c0_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-importer@sha256:6e6732ea9720213d635a250c3545e5c9b0a8a3b6943184e9734e0ada7d0a02a2_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:6e6732ea9720213d635a250c3545e5c9b0a8a3b6943184e9734e0ada7d0a02a2_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-importer@sha256:6e6732ea9720213d635a250c3545e5c9b0a8a3b6943184e9734e0ada7d0a02a2_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-operator@sha256:59063046badee8e32d93a11a66de46c2a571705947f5227c8e5527c3d35e1f47_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:59063046badee8e32d93a11a66de46c2a571705947f5227c8e5527c3d35e1f47_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-operator@sha256:59063046badee8e32d93a11a66de46c2a571705947f5227c8e5527c3d35e1f47_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-uploadproxy@sha256:e75699436dad9bdaa192c4574e9fcab781566d326df66c17146c304f05f361a1_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:e75699436dad9bdaa192c4574e9fcab781566d326df66c17146c304f05f361a1_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-uploadproxy@sha256:e75699436dad9bdaa192c4574e9fcab781566d326df66c17146c304f05f361a1_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-cdi-uploadserver@sha256:45e423cc38118b03fd694006b8aa284b4724083d0e1757b1f76420f00696675c_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:45e423cc38118b03fd694006b8aa284b4724083d0e1757b1f76420f00696675c_amd64"
        },
        "product_reference": "container-native-virtualization/virt-cdi-uploadserver@sha256:45e423cc38118b03fd694006b8aa284b4724083d0e1757b1f76420f00696675c_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-controller@sha256:aa2e77638b4934b2c03a79d1e7eb52463fb9a477ab2a355c45df62abdba2eb04_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:aa2e77638b4934b2c03a79d1e7eb52463fb9a477ab2a355c45df62abdba2eb04_amd64"
        },
        "product_reference": "container-native-virtualization/virt-controller@sha256:aa2e77638b4934b2c03a79d1e7eb52463fb9a477ab2a355c45df62abdba2eb04_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-handler@sha256:6b3fc523db1aded511e39e8da797d688b925fcc829d85d940b44589698a70ba7_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:6b3fc523db1aded511e39e8da797d688b925fcc829d85d940b44589698a70ba7_amd64"
        },
        "product_reference": "container-native-virtualization/virt-handler@sha256:6b3fc523db1aded511e39e8da797d688b925fcc829d85d940b44589698a70ba7_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-launcher@sha256:1eaacff0e54e7b46740868f53e9095ca483785621c36d748730201057e4b44ea_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:1eaacff0e54e7b46740868f53e9095ca483785621c36d748730201057e4b44ea_amd64"
        },
        "product_reference": "container-native-virtualization/virt-launcher@sha256:1eaacff0e54e7b46740868f53e9095ca483785621c36d748730201057e4b44ea_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virt-operator@sha256:e793c66c3bd823c89ca6273aeeb60b09d1213c0c68a68a616657ba17b8116ea7_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:e793c66c3bd823c89ca6273aeeb60b09d1213c0c68a68a616657ba17b8116ea7_amd64"
        },
        "product_reference": "container-native-virtualization/virt-operator@sha256:e793c66c3bd823c89ca6273aeeb60b09d1213c0c68a68a616657ba17b8116ea7_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/virtio-win@sha256:b106c2eaea2836dab71d0d0727c4664ec8c6faf3ddc93c6cf696afb22a0821e9_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:b106c2eaea2836dab71d0d0727c4664ec8c6faf3ddc93c6cf696afb22a0821e9_amd64"
        },
        "product_reference": "container-native-virtualization/virtio-win@sha256:b106c2eaea2836dab71d0d0727c4664ec8c6faf3ddc93c6cf696afb22a0821e9_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/vm-import-controller-rhel8@sha256:424b4a3bb2dea65e990f1132aeed52683bc6daae1d8cb1e0a11a228a66e2e156_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:424b4a3bb2dea65e990f1132aeed52683bc6daae1d8cb1e0a11a228a66e2e156_amd64"
        },
        "product_reference": "container-native-virtualization/vm-import-controller-rhel8@sha256:424b4a3bb2dea65e990f1132aeed52683bc6daae1d8cb1e0a11a228a66e2e156_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/vm-import-operator-rhel8@sha256:8db649e114ccc3aefd1ee74518f3d3d39bbd08160a6208b2a4ff70c61e38b48b_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:8db649e114ccc3aefd1ee74518f3d3d39bbd08160a6208b2a4ff70c61e38b48b_amd64"
        },
        "product_reference": "container-native-virtualization/vm-import-operator-rhel8@sha256:8db649e114ccc3aefd1ee74518f3d3d39bbd08160a6208b2a4ff70c61e38b48b_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:4efa6304395bf177335cbc7a2c9d3f56b4ee4a5979591834a9b46281aadae24e_amd64 as a component of CNV 4.9 for RHEL 8",
          "product_id": "8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:4efa6304395bf177335cbc7a2c9d3f56b4ee4a5979591834a9b46281aadae24e_amd64"
        },
        "product_reference": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:4efa6304395bf177335cbc7a2c9d3f56b4ee4a5979591834a9b46281aadae24e_amd64",
        "relates_to_product_reference": "8Base-CNV-4.9"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-1996",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "discovery_date": "2022-06-08T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:95f6b48f3b497ff38ce618b7461d415b8b1c93822dac22635ee72b7189f61489_amd64",
            "8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:b5b65faeedf99f08ca151552678dde8348292b97cfdfb1d2fef89ef8390c8a12_amd64",
            "8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:db3d06df3dab3a08dd3c404a61c616ad5b7ab3972109fd9ef72a9acf309cfdb6_amd64",
            "8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:eb1542e163a1e119457c1468accf8f60a0b5a934d9059728e6059ad4f2b24cf0_amd64",
            "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:00a5c0e1db2d38bc260c28ea661e12672a87fabdb31fbea44918e7c78fd9385a_amd64",
            "8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:c79fbbe514a1879cc33eaf16225d56fe8d15b14bf2f334c7e82861298b63da85_amd64",
            "8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:a4368df767657c16b81652b14da5768a03a590e70bc0f694e64e5ef815884443_amd64",
            "8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:215c25601c8f1249550365048d6eee4a76419b1a5f6e3b8ff9562db7d60753b7_amd64",
            "8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:26ab4f997a9679a0316bb5b3f7fd4336e42737ac221b38500b24cebe07dbf037_amd64",
            "8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:ae35f9d9c9a31d54e005009f70e9317d3f57fd71cacaa7919e534d6e16bd485a_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:37ebc772387b400029c0c15cf564dfb3b9d9478e7354522e6038cb98cd42303e_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:7ed7085b8c1266553a0fcc2a52fd03f4139d2929dc05885b3c4b8c2b5809e000_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:a9767ca3a53e0dab656d334cc97e9496f40ab82535bdceec320c5048e6de89c8_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:0e26d1b45c7bf62470d14c01d75d9de349239e8450888017209ca496985457c0_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:6e6732ea9720213d635a250c3545e5c9b0a8a3b6943184e9734e0ada7d0a02a2_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:59063046badee8e32d93a11a66de46c2a571705947f5227c8e5527c3d35e1f47_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:e75699436dad9bdaa192c4574e9fcab781566d326df66c17146c304f05f361a1_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:45e423cc38118b03fd694006b8aa284b4724083d0e1757b1f76420f00696675c_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:aa2e77638b4934b2c03a79d1e7eb52463fb9a477ab2a355c45df62abdba2eb04_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:6b3fc523db1aded511e39e8da797d688b925fcc829d85d940b44589698a70ba7_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:1eaacff0e54e7b46740868f53e9095ca483785621c36d748730201057e4b44ea_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:e793c66c3bd823c89ca6273aeeb60b09d1213c0c68a68a616657ba17b8116ea7_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:b106c2eaea2836dab71d0d0727c4664ec8c6faf3ddc93c6cf696afb22a0821e9_amd64",
            "8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:424b4a3bb2dea65e990f1132aeed52683bc6daae1d8cb1e0a11a228a66e2e156_amd64",
            "8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:8db649e114ccc3aefd1ee74518f3d3d39bbd08160a6208b2a4ff70c61e38b48b_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2094982"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in CORS Filter feature from the go-restful package. When a user inputs a domain which is in AllowedDomains, all domains starting with the same pattern are accepted. This issue could allow an attacker to break the CORS policy by allowing any page to make requests and retrieve data on behalf of users.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "go-restful: Authorization Bypass Through User-Controlled Key",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The go-restful package is a transitive dependency which is being pulled with k8s.io/api and not directly being used anywhere in OpenShift Container Platform (OCP), OpenShift Container Storage, OpenShift Data Foundation, OpenShift Do and OpenShift Pipelines, hence these components are marked as \u0027Will not fix\u0027 or even \"Not affected\".",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:d3d5a9547632ce7c84deffb2ef5e6c6728462e24b89ddfc0ad925a762c356820_amd64",
          "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:d77bd51acb92723b5ee72a3ea9a171c14294014e1cd793bd4e88cd9e5a4bd2d0_amd64",
          "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:25f308ffaafcc1d1216bb90c566713a2873411bd000c9b360cbc9397d0d95a25_amd64",
          "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:b46b59a2c62bf467ff7113fbd40abffefdfa73ef1762ed793fc426b1f264167a_amd64",
          "8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:80caea580f582930b274619bda7628d945215a44c727f3097cdf146c03908452_amd64",
          "8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:05c43b71617165ad3763c85f96e2fcee6a1ba43474972636130365f149eb2273_amd64",
          "8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:56bde1a5ae607a58c6d01b3ca4068fe3c9c1d9e0e72b2fd0d1279dd686647d4d_amd64",
          "8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:8abb932a507e2db69b68127a290a830878a3542f0b6816efa18ffeee91b189db_amd64",
          "8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:5cec54c0ff91d6bbc7c6a59a873703c5d05359beb7f2a7933f8125866fd9e0dd_amd64",
          "8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:23cbe943a4b21b2226b4e8f638b17a45fc306b19f06f1c67a23768abfeca2e87_amd64",
          "8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:4efa6304395bf177335cbc7a2c9d3f56b4ee4a5979591834a9b46281aadae24e_amd64"
        ],
        "known_not_affected": [
          "8Base-CNV-4.9:container-native-virtualization/bridge-marker@sha256:95f6b48f3b497ff38ce618b7461d415b8b1c93822dac22635ee72b7189f61489_amd64",
          "8Base-CNV-4.9:container-native-virtualization/cnv-containernetworking-plugins@sha256:b5b65faeedf99f08ca151552678dde8348292b97cfdfb1d2fef89ef8390c8a12_amd64",
          "8Base-CNV-4.9:container-native-virtualization/cnv-must-gather-rhel8@sha256:db3d06df3dab3a08dd3c404a61c616ad5b7ab3972109fd9ef72a9acf309cfdb6_amd64",
          "8Base-CNV-4.9:container-native-virtualization/hco-bundle-registry@sha256:eb1542e163a1e119457c1468accf8f60a0b5a934d9059728e6059ad4f2b24cf0_amd64",
          "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-operator@sha256:00a5c0e1db2d38bc260c28ea661e12672a87fabdb31fbea44918e7c78fd9385a_amd64",
          "8Base-CNV-4.9:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:c79fbbe514a1879cc33eaf16225d56fe8d15b14bf2f334c7e82861298b63da85_amd64",
          "8Base-CNV-4.9:container-native-virtualization/kubevirt-template-validator@sha256:a4368df767657c16b81652b14da5768a03a590e70bc0f694e64e5ef815884443_amd64",
          "8Base-CNV-4.9:container-native-virtualization/kubevirt-v2v-conversion@sha256:215c25601c8f1249550365048d6eee4a76419b1a5f6e3b8ff9562db7d60753b7_amd64",
          "8Base-CNV-4.9:container-native-virtualization/ovs-cni-marker@sha256:26ab4f997a9679a0316bb5b3f7fd4336e42737ac221b38500b24cebe07dbf037_amd64",
          "8Base-CNV-4.9:container-native-virtualization/ovs-cni-plugin@sha256:ae35f9d9c9a31d54e005009f70e9317d3f57fd71cacaa7919e534d6e16bd485a_amd64",
          "8Base-CNV-4.9:container-native-virtualization/virt-api@sha256:37ebc772387b400029c0c15cf564dfb3b9d9478e7354522e6038cb98cd42303e_amd64",
          "8Base-CNV-4.9:container-native-virtualization/virt-artifacts-server@sha256:7ed7085b8c1266553a0fcc2a52fd03f4139d2929dc05885b3c4b8c2b5809e000_amd64",
          "8Base-CNV-4.9:container-native-virtualization/virt-cdi-apiserver@sha256:a9767ca3a53e0dab656d334cc97e9496f40ab82535bdceec320c5048e6de89c8_amd64",
          "8Base-CNV-4.9:container-native-virtualization/virt-cdi-controller@sha256:0e26d1b45c7bf62470d14c01d75d9de349239e8450888017209ca496985457c0_amd64",
          "8Base-CNV-4.9:container-native-virtualization/virt-cdi-importer@sha256:6e6732ea9720213d635a250c3545e5c9b0a8a3b6943184e9734e0ada7d0a02a2_amd64",
          "8Base-CNV-4.9:container-native-virtualization/virt-cdi-operator@sha256:59063046badee8e32d93a11a66de46c2a571705947f5227c8e5527c3d35e1f47_amd64",
          "8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadproxy@sha256:e75699436dad9bdaa192c4574e9fcab781566d326df66c17146c304f05f361a1_amd64",
          "8Base-CNV-4.9:container-native-virtualization/virt-cdi-uploadserver@sha256:45e423cc38118b03fd694006b8aa284b4724083d0e1757b1f76420f00696675c_amd64",
          "8Base-CNV-4.9:container-native-virtualization/virt-controller@sha256:aa2e77638b4934b2c03a79d1e7eb52463fb9a477ab2a355c45df62abdba2eb04_amd64",
          "8Base-CNV-4.9:container-native-virtualization/virt-handler@sha256:6b3fc523db1aded511e39e8da797d688b925fcc829d85d940b44589698a70ba7_amd64",
          "8Base-CNV-4.9:container-native-virtualization/virt-launcher@sha256:1eaacff0e54e7b46740868f53e9095ca483785621c36d748730201057e4b44ea_amd64",
          "8Base-CNV-4.9:container-native-virtualization/virt-operator@sha256:e793c66c3bd823c89ca6273aeeb60b09d1213c0c68a68a616657ba17b8116ea7_amd64",
          "8Base-CNV-4.9:container-native-virtualization/virtio-win@sha256:b106c2eaea2836dab71d0d0727c4664ec8c6faf3ddc93c6cf696afb22a0821e9_amd64",
          "8Base-CNV-4.9:container-native-virtualization/vm-import-controller-rhel8@sha256:424b4a3bb2dea65e990f1132aeed52683bc6daae1d8cb1e0a11a228a66e2e156_amd64",
          "8Base-CNV-4.9:container-native-virtualization/vm-import-operator-rhel8@sha256:8db649e114ccc3aefd1ee74518f3d3d39bbd08160a6208b2a4ff70c61e38b48b_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-1996"
        },
        {
          "category": "external",
          "summary": "RHBZ#2094982",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2094982"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-1996",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-1996"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-1996",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-1996"
        }
      ],
      "release_date": "2022-06-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2022-11-22T19:03:41+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:d3d5a9547632ce7c84deffb2ef5e6c6728462e24b89ddfc0ad925a762c356820_amd64",
            "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:d77bd51acb92723b5ee72a3ea9a171c14294014e1cd793bd4e88cd9e5a4bd2d0_amd64",
            "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:25f308ffaafcc1d1216bb90c566713a2873411bd000c9b360cbc9397d0d95a25_amd64",
            "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:b46b59a2c62bf467ff7113fbd40abffefdfa73ef1762ed793fc426b1f264167a_amd64",
            "8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:80caea580f582930b274619bda7628d945215a44c727f3097cdf146c03908452_amd64",
            "8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:05c43b71617165ad3763c85f96e2fcee6a1ba43474972636130365f149eb2273_amd64",
            "8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:56bde1a5ae607a58c6d01b3ca4068fe3c9c1d9e0e72b2fd0d1279dd686647d4d_amd64",
            "8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:8abb932a507e2db69b68127a290a830878a3542f0b6816efa18ffeee91b189db_amd64",
            "8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:5cec54c0ff91d6bbc7c6a59a873703c5d05359beb7f2a7933f8125866fd9e0dd_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:23cbe943a4b21b2226b4e8f638b17a45fc306b19f06f1c67a23768abfeca2e87_amd64",
            "8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:4efa6304395bf177335cbc7a2c9d3f56b4ee4a5979591834a9b46281aadae24e_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2022:8609"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-CNV-4.9:container-native-virtualization/cluster-network-addons-operator@sha256:d3d5a9547632ce7c84deffb2ef5e6c6728462e24b89ddfc0ad925a762c356820_amd64",
            "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8-operator@sha256:d77bd51acb92723b5ee72a3ea9a171c14294014e1cd793bd4e88cd9e5a4bd2d0_amd64",
            "8Base-CNV-4.9:container-native-virtualization/hostpath-provisioner-rhel8@sha256:25f308ffaafcc1d1216bb90c566713a2873411bd000c9b360cbc9397d0d95a25_amd64",
            "8Base-CNV-4.9:container-native-virtualization/hyperconverged-cluster-webhook-rhel8@sha256:b46b59a2c62bf467ff7113fbd40abffefdfa73ef1762ed793fc426b1f264167a_amd64",
            "8Base-CNV-4.9:container-native-virtualization/kubemacpool@sha256:80caea580f582930b274619bda7628d945215a44c727f3097cdf146c03908452_amd64",
            "8Base-CNV-4.9:container-native-virtualization/kubevirt-ssp-operator@sha256:05c43b71617165ad3763c85f96e2fcee6a1ba43474972636130365f149eb2273_amd64",
            "8Base-CNV-4.9:container-native-virtualization/kubevirt-vmware@sha256:56bde1a5ae607a58c6d01b3ca4068fe3c9c1d9e0e72b2fd0d1279dd686647d4d_amd64",
            "8Base-CNV-4.9:container-native-virtualization/libguestfs-tools@sha256:8abb932a507e2db69b68127a290a830878a3542f0b6816efa18ffeee91b189db_amd64",
            "8Base-CNV-4.9:container-native-virtualization/node-maintenance-operator@sha256:5cec54c0ff91d6bbc7c6a59a873703c5d05359beb7f2a7933f8125866fd9e0dd_amd64",
            "8Base-CNV-4.9:container-native-virtualization/virt-cdi-cloner@sha256:23cbe943a4b21b2226b4e8f638b17a45fc306b19f06f1c67a23768abfeca2e87_amd64",
            "8Base-CNV-4.9:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:4efa6304395bf177335cbc7a2c9d3f56b4ee4a5979591834a9b46281aadae24e_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "go-restful: Authorization Bypass Through User-Controlled Key"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.