rhsa-2022_8634
Vulnerability from csaf_redhat
Published
2022-11-28 02:51
Modified
2024-09-18 15:48
Summary
Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.1 security and bug fix update
Notes
Topic
OpenShift API for Data Protection (OADP) 1.1.1 is now available.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.
Security Fix(es) from Bugzilla:
* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)
* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)
* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)
* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)
* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift API for Data Protection (OADP) 1.1.1 is now available.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.\n\nSecurity Fix(es) from Bugzilla:\n\n* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)\n\n* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n\n* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)\n\n* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)\n\n* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8634",
"url": "https://access.redhat.com/errata/RHSA-2022:8634"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2064702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064702"
},
{
"category": "external",
"summary": "2107386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386"
},
{
"category": "external",
"summary": "2107388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388"
},
{
"category": "external",
"summary": "2124668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
},
{
"category": "external",
"summary": "2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "OADP-1002",
"url": "https://issues.redhat.com/browse/OADP-1002"
},
{
"category": "external",
"summary": "OADP-1016",
"url": "https://issues.redhat.com/browse/OADP-1016"
},
{
"category": "external",
"summary": "OADP-1020",
"url": "https://issues.redhat.com/browse/OADP-1020"
},
{
"category": "external",
"summary": "OADP-1027",
"url": "https://issues.redhat.com/browse/OADP-1027"
},
{
"category": "external",
"summary": "OADP-608",
"url": "https://issues.redhat.com/browse/OADP-608"
},
{
"category": "external",
"summary": "OADP-609",
"url": "https://issues.redhat.com/browse/OADP-609"
},
{
"category": "external",
"summary": "OADP-611",
"url": "https://issues.redhat.com/browse/OADP-611"
},
{
"category": "external",
"summary": "OADP-612",
"url": "https://issues.redhat.com/browse/OADP-612"
},
{
"category": "external",
"summary": "OADP-642",
"url": "https://issues.redhat.com/browse/OADP-642"
},
{
"category": "external",
"summary": "OADP-645",
"url": "https://issues.redhat.com/browse/OADP-645"
},
{
"category": "external",
"summary": "OADP-662",
"url": "https://issues.redhat.com/browse/OADP-662"
},
{
"category": "external",
"summary": "OADP-724",
"url": "https://issues.redhat.com/browse/OADP-724"
},
{
"category": "external",
"summary": "OADP-725",
"url": "https://issues.redhat.com/browse/OADP-725"
},
{
"category": "external",
"summary": "OADP-731",
"url": "https://issues.redhat.com/browse/OADP-731"
},
{
"category": "external",
"summary": "OADP-741",
"url": "https://issues.redhat.com/browse/OADP-741"
},
{
"category": "external",
"summary": "OADP-774",
"url": "https://issues.redhat.com/browse/OADP-774"
},
{
"category": "external",
"summary": "OADP-794",
"url": "https://issues.redhat.com/browse/OADP-794"
},
{
"category": "external",
"summary": "OADP-825",
"url": "https://issues.redhat.com/browse/OADP-825"
},
{
"category": "external",
"summary": "OADP-849",
"url": "https://issues.redhat.com/browse/OADP-849"
},
{
"category": "external",
"summary": "OADP-927",
"url": "https://issues.redhat.com/browse/OADP-927"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2022/rhsa-2022_8634.json"
}
],
"title": "Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.1 security and bug fix update",
"tracking": {
"current_release_date": "2024-09-18T15:48:56+00:00",
"generator": {
"date": "2024-09-18T15:48:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2022:8634",
"initial_release_date": "2022-11-28T02:51:35+00:00",
"revision_history": [
{
"date": "2022-11-28T02:51:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-11-28T02:51:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T15:48:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-OADP-1.1",
"product": {
"name": "8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_api_data_protection:1.1::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift API for Data Protection"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.1.1-27"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.1.1-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"product_id": "oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.1.1-41"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"product_id": "oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.1.1-22"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le",
"product_id": "oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.1.1-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.1.1-23"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.1.1-17"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.1.1-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.1.1-26"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.1.1-27"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.1.1-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"product_id": "oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.1.1-41"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"product_id": "oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.1.1-22"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"product_id": "oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.1.1-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.1.1-23"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.1.1-17"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.1.1-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.1.1-26"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.1.1-27"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.1.1-29"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"product_id": "oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.1.1-41"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"product_id": "oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.1.1-22"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"product_id": "oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.1.1-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.1.1-23"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.1.1-17"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.1.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.1.1-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.1.1-26"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-27191",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2022-03-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064702"
}
],
"notes": [
{
"category": "description",
"text": "A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crash in a golang.org/x/crypto/ssh server",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP) the vulnerable golang.org/x/crypto/ssh package is bundled in many components. The affected code is in the SSH server portion that is not used, hence the impact by this vulnerability is reduced. Additionally the OCP installer components, that also bundle vulnerable golang.org/x/crypto/ssh package, are used only during the cluster installation process, hence for already deployed and running OCP clusters the installer components are considered as affected by this vulnerability but not impacted.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-27191"
},
{
"category": "external",
"summary": "RHBZ#2064702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-27191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27191"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ"
}
],
"release_date": "2022-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8634"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crash in a golang.org/x/crypto/ssh server"
},
{
"cve": "CVE-2022-27664",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124669"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: handle server errors after sending GOAWAY",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-27664"
},
{
"category": "external",
"summary": "RHBZ#2124669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664"
},
{
"category": "external",
"summary": "https://go.dev/issue/54658",
"url": "https://go.dev/issue/54658"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8634"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: handle server errors after sending GOAWAY"
},
{
"cve": "CVE-2022-30632",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2022-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2107386"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This can cause an attacker to impact availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: path/filepath: stack exhaustion in Glob",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30632"
},
{
"category": "external",
"summary": "RHBZ#2107386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30632",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30632"
},
{
"category": "external",
"summary": "https://go.dev/issue/53416",
"url": "https://go.dev/issue/53416"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
"url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
}
],
"release_date": "2022-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8634"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: path/filepath: stack exhaustion in Glob"
},
{
"cve": "CVE-2022-30635",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2022-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2107388"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. When calling Decoder, Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: encoding/gob: stack exhaustion in Decoder.Decode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) starting from 4.10 stream is already compiled in the patched version of Go, hence is not affected by this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-30635"
},
{
"category": "external",
"summary": "RHBZ#2107388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30635"
},
{
"category": "external",
"summary": "https://go.dev/issue/53615",
"url": "https://go.dev/issue/53615"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE",
"url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"
}
],
"release_date": "2022-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8634"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: encoding/gob: stack exhaustion in Decoder.Decode"
},
{
"cve": "CVE-2022-32190",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package. The JoinPath doesn\u0027t remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: JoinPath does not strip relative path components in all circumstances",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerable functions, JoinPath and URL.JoinPath was introduced in upstream go1.19, whereas, RHEL ships go1.17 and go1.18 versions, which does not contain the vulnerable code. Hence, packages shipped with RHEL-8, RHEL-9 are not affected.\n\nAll Y stream releases of OpenShift Container Platform 4 run on RHEL-8 or RHEL-9, so OCP 4 is also not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:36c41473747952825632ab37ace5230d035eb2b22437db43abc100774373bfff_ppc64le",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:4aed79cea350c699ffa3cddda3ffd5e1f00d46436ed4de7057161237661ae523_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:7a437c2304a2f8afe8116246ab7d984ea7bc474b075360ad25788eb20e418400_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2027f961b5eb33db40fba0d1037d3830b2e3a2de155ba37c03c0dd606a180b3e_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:bf295af188327b241546af2c4fda30b3915f76c8f05c7fadf1e120fafc95f276_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:eef2e1f2def5cd097ef5631e9d0c9d80b0ce936a09a9f4daa74ce1d60a5c29bc_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:7eeaaa04427752f4ba63e3abd02899fb35a1ae7d015e3fe239283c47864f1127_s390x",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a037c78586906aee892976a712c3b7225fd7ec20d520f55ae24a898ef5a86d30_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a760acaf99548ee1782b665ce98ce7b6676eba294941e5b74c0d5a3ab5c5f9a3_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:a98b69c2bf5773a3527441ee44b51f27e50efb09fa73932e52598a6ba5a741eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:e7f8fb928593bf7504c195804bc1562cd3b9ffbc46bdb1d75e8e5c7558c76356_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:f756510de309cab2b9420e075ece2643cfe79c4c5bfa7c90f58ed06feb78775f_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:419731ee8118ac762e4115064832e71f1cda13552c40b727fc20c81b244d22a9_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:96343511b8cfe3ad9df3f5a1e2c51d3302d32b7eeeb6ea1e4822c8a6856d2d51_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:d7e7da1afcae5bc8510ab5c23517d8d28f96e47340016729088781a958213c01_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:349cbb1106879f862cd42f9c9af280046d339a9eded40428178f7453986d5b5b_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:a3880a08c92474cd0e9cb3034eeeb6b6c5b7045359c1a19c9f0f98a144737188_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:b55afe58cdee505d05180e88dfcc0f630dcfa19a2bbec72d256e1d4e79141b99_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:9c095c3294dc83493db05fabe9bfef46a161074c486cf0ad46019c5d621ba586_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a0fa3599feb43cfdd415ded5c311a4796713429c700a7089da01dc3b420e706c_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:daa244bd00fd98d46d05bb4bcb562178d50d138c00329199872f8d9f7ecf4160_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:079cc03ce02b8da51600ef0f50c7b979177da3faa48643fda991e26cb2979700_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:4d91ec9565f8bace77481e04f821680b760cc58134dbbe7ebf184d1aeec828b4_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2a7d30f3d367cac2637116ac5e79533dc79149631ed280fb6132cc92a5ea7aa_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:0b2f1f61c2fe58d4c78d4c2fa14ed8f643cce686239143cfd179701ca13c25fe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:38ea3d805ff8b1b940974d3e1df14b9626b7f9be2c1df5c828edba35db6713a0_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:50095681181e1e145fbfdf0ed3d7586a69890c07636fb0397a9f4694e6f589ef_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:98fc312123a0d08b628601f674443825e915a54a91e89cbe0c47d8473b7be0b8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:bcd91152819872f1ce051cdb8dd10a166ca917a6f4a40c1645bcc43a45e475fa_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:d7dfb48bcb7c385b5e403a161f9f75547191cbf9353d89655c49a49a507c3ff0_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:38bd37201f9c134251fe9ce946983e825e147dfda261c1fd226c8a8b811eb856_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:b20119014cbac4f356bd44052ec827df4eab1422aa5ed3ba7b0e0aa67c5d08ab_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:decf1467f5221c47d0e8926b0c603590393f630baa1973c8edae8494e2566dd4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-32190"
},
{
"category": "external",
"summary": "RHBZ#2124668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-32190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190"
},
{
"category": "external",
"summary": "https://go.dev/issue/54385",
"url": "https://go.dev/issue/54385"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8634"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:182617afd959e3848332d7ddf8e852c8bce783ebd20819dae709f62707a48553_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:378a1164f6a4b373ceb3324c4763f22a698f7ea011ee2cba695103666e6a5d09_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:c1903bb813958cf463966e5373890f1100d20ea3b7acf7d29910c28d063b72be_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/url: JoinPath does not strip relative path components in all circumstances"
}
]
}
Loading...