rhsa-2022_8889
Vulnerability from csaf_redhat
Published
2022-12-08 17:25
Modified
2024-12-10 17:40
Summary
Red Hat Security Advisory: Openshift Logging 5.3.14 bug fix release and security update
Notes
Topic
Openshift Logging Bug Fix Release (5.3.14)
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Openshift Logging Bug Fix Release (5.3.14)
Security Fixe(s):
* jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Openshift Logging Bug Fix Release (5.3.14)\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Openshift Logging Bug Fix Release (5.3.14)\n\nSecurity Fixe(s):\n\n* jackson-databind: denial of service via a large depth of nested objects\u00a0(CVE-2020-36518)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2022:8889",
"url": "https://access.redhat.com/errata/RHSA-2022:8889"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2064698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "LOG-3293",
"url": "https://issues.redhat.com/browse/LOG-3293"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_8889.json"
}
],
"title": "Red Hat Security Advisory: Openshift Logging 5.3.14 bug fix release and security update",
"tracking": {
"current_release_date": "2024-12-10T17:40:31+00:00",
"generator": {
"date": "2024-12-10T17:40:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2022:8889",
"initial_release_date": "2022-12-08T17:25:26+00:00",
"revision_history": [
{
"date": "2022-12-08T17:25:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2022-12-08T17:25:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-10T17:40:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.3",
"product": {
"name": "OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.14-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.14-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-315"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-169"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-259"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-277"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-223"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-311"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.14-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.14-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-315"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-169"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-259"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-277"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-223"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-311"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.3.14-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.3.14-8"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.3.14-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.3.14-16"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-315"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.0.0-169"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-259"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-277"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.7.4-223"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-311"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64 as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x as a component of OpenShift Logging 5.3",
"product_id": "8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36518",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-03-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2064698"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: denial of service via a large depth of nested objects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36518"
},
{
"category": "external",
"summary": "RHBZ#2064698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-57j2-w4cx-62h2",
"url": "https://github.com/advisories/GHSA-57j2-w4cx-62h2"
}
],
"release_date": "2020-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T17:25:26+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly, for detailed release notes:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8889"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: denial of service via a large depth of nested objects"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T17:25:26+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly, for detailed release notes:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8889"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2022-12-08T17:25:26+00:00",
"details": "For OpenShift Container Platform 4.9 see the following documentation, which will be updated shortly, for detailed release notes:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-release-notes.html\n\nFor Red Hat OpenShift Logging 5.3, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2022:8889"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-operator-bundle@sha256:4022c2613b641f0dd53fbf781b33d5263efeeff6dc975f049f89268d4a27203b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:08b052122e0e9ba71d868ce2f383c15fd182697f6f799d4c1cabc4e6c4ed8e2b_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:5278f6ceb7cf08f63f1f00bbe64e9943483b5ad67e5bfc47f403d628ef7b5c99_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/cluster-logging-rhel8-operator@sha256:e33176b1095d8cfef85ce2fd57c00aaf5ff57b0e45b40d29e098b5bf6bd8fc5b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-operator-bundle@sha256:e83fe48d828acd221dc2e8a3a80412d048bde4284ce315a87ec858ef8ecfd0eb_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:9e98d2f8c86586fc234a598bb758d093a54d1a29492b8e62e28e270bbdcd39eb_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:c2c40790e73aa8f974f7acce2950d5072eaa004edf68e596bd50d4dd40d7b9da_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-proxy-rhel8@sha256:eb6796afba358e0b6ae7fb07509c62ed14e20210b790e3e0dbc8bd5a9cdba6d5_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:c0fcdb9108399184f0a564cfd8bfd0fbfe8ad8099d93af484a714b0475279300_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:db875aa219a98257e8c2a9a134b18a759603d56c17e92ac59e441a6e5b7c68d1_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch-rhel8-operator@sha256:fabcbac5972b59c81ea0745fbfa2c4a5d4e097280c0758c11c5ad81e82fc09eb_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:2a1adbb46b40ffc3fd287e97317f5c8031df3deda6ed70650cc154cd650f4c31_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:3046aae638ca1ec48757c3ed8bef140aecd360eec7a1452311e48ddf42c64b50_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/elasticsearch6-rhel8@sha256:aaf2c368d60d44d87262ab87f04504ea182a3dcd70826a5500c7f0eb14fa2b51_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:490cc7b81ffb47ec754496ff17f3dbaf394d251320bce734b9967b54721e42e3_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:a9e5746f32a57d1944611cf76b8d46a2eff29093e235a4206b48075e2f5d88e9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/fluentd-rhel8@sha256:f0284b01a99405d6e8ca32ed47699854e6ad50c41608f15bf10943b37b7a5657_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:0465cf31c274e2f7f10dd46f04304c6f27778f2135572de317b8f155e1fb269b_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:3ffd5a936688f02391ccccba3a4d866ef73faaa56d83a86b933f816ad1ae184a_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/kibana6-rhel8@sha256:d67a7aad2aa847bc07254c061fcb70c55e3bc47980e205ac5e3eea01ad256223_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:16fa20b470a5093e67cac615e27524ef14b19b54a14086ec5e5609ad602d0ea9_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:4a9a16e58903172cdbcb7f14cb4d96ceda2c2e08715c5db5b9a2bd4f6e6c8b38_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/log-file-metric-exporter-rhel8@sha256:88ab4df69684f3c991dbae9b70fd6d09ab3564ced1a0b429728b87173013bc0f_s390x",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:7972f8802bce8c221f23c8d4457086ebc7983705048b91594a28872e02d9b712_amd64",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:a4dc00a57c6b23ad158d54bd6952c81d5e17c7c2d5dcf5d32b23f8a042ba1f1e_ppc64le",
"8Base-OSE-LOGGING-5.3:openshift-logging/logging-curator5-rhel8@sha256:e4ec4bb4b6b5dd18f3c965f3297e3634b5ce88c1ba03a489ab9867fb1bde42b7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.