rhsa-2023:5314
Vulnerability from csaf_redhat
Published
2023-09-20 15:43
Modified
2025-03-28 16:30
Summary
Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.6 security and bug fix update
Notes
Topic
OpenShift API for Data Protection (OADP) 1.1.6 is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.
Security Fix(es):
* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)
* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
* distribution/distribution: DoS from malicious API request (CVE-2023-2253)
* golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results (CVE-2023-24532)
* containerd: Supplementary groups are not set up properly (CVE-2023-25173)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "OpenShift API for Data Protection (OADP) 1.1.6 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.\n\nSecurity Fix(es):\n\n* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)\n\n* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)\n\n* distribution/distribution: DoS from malicious API request (CVE-2023-2253)\n\n* golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results (CVE-2023-24532)\n\n* containerd: Supplementary groups are not set up properly (CVE-2023-25173)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5314", url: "https://access.redhat.com/errata/RHSA-2023:5314", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "2045880", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", }, { category: "external", summary: "2174485", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2174485", }, { category: "external", summary: "2178358", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2178358", }, { category: "external", summary: "2189886", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2189886", }, { category: "external", summary: "2223355", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2223355", }, { category: "external", summary: "OADP-2420", url: "https://issues.redhat.com/browse/OADP-2420", }, { category: "external", summary: "OADP-2530", url: "https://issues.redhat.com/browse/OADP-2530", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5314.json", }, ], title: "Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.6 security and bug fix update", tracking: { current_release_date: "2025-03-28T16:30:55+00:00", generator: { date: "2025-03-28T16:30:55+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2023:5314", initial_release_date: "2023-09-20T15:43:10+00:00", revision_history: [ { date: "2023-09-20T15:43:10+00:00", number: "1", summary: "Initial version", }, { date: "2023-09-20T15:43:10+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-28T16:30:55+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "8Base-OADP-1.1", product: { name: "8Base-OADP-1.1", product_id: "8Base-OADP-1.1", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_api_data_protection:1.1::el8", }, }, }, ], category: "product_family", name: "OpenShift API for Data Protection", }, { branches: [ { category: "product_version", name: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", product: { name: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", product_id: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", product_identification_helper: { purl: "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8?arch=ppc64le&repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", product: { name: "oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", product_id: "oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", product_identification_helper: { purl: "pkg:oci/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c?arch=ppc64le&repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8&tag=1.1.6-9", }, }, }, { category: "product_version", name: "oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", product: { name: "oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", product_id: "oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", product_identification_helper: { purl: "pkg:oci/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8?arch=ppc64le&repository_url=registry.redhat.io/oadp/oadp-operator-bundle&tag=1.1.6-14", }, }, }, { category: "product_version", name: "oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", product: { name: "oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", product_id: "oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", product_identification_helper: { purl: "pkg:oci/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8?arch=ppc64le&repository_url=registry.redhat.io/oadp/oadp-rhel8-operator&tag=1.1.6-6", }, }, }, { category: "product_version", name: "oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", product: { name: "oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", product_id: "oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", product_identification_helper: { purl: "pkg:oci/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390?arch=ppc64le&repository_url=registry.redhat.io/oadp/oadp-velero-rhel8&tag=1.1.6-7", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", product: { name: "oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", product_id: "oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e?arch=ppc64le&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", product: { name: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", product_id: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd?arch=ppc64le&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", product: { name: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", product_id: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0?arch=ppc64le&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", product: { name: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", product_id: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674?arch=ppc64le&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", product: { name: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", product_id: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940?arch=ppc64le&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", product: { name: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", product_id: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", product_identification_helper: { purl: "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62?arch=ppc64le&repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8&tag=1.1.6-6", }, }, }, { category: "product_version", name: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", product: { name: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", product_id: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", product_identification_helper: { purl: "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5?arch=ppc64le&repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8&tag=1.1.6-5", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", product: { name: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", product_id: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", product_identification_helper: { purl: "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1?arch=s390x&repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", product: { name: "oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", product_id: "oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", product_identification_helper: { purl: "pkg:oci/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded?arch=s390x&repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8&tag=1.1.6-9", }, }, }, { category: "product_version", name: "oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", product: { name: "oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", product_id: "oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", product_identification_helper: { purl: "pkg:oci/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97?arch=s390x&repository_url=registry.redhat.io/oadp/oadp-operator-bundle&tag=1.1.6-14", }, }, }, { category: "product_version", name: "oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", product: { name: "oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", product_id: "oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", product_identification_helper: { purl: "pkg:oci/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4?arch=s390x&repository_url=registry.redhat.io/oadp/oadp-rhel8-operator&tag=1.1.6-6", }, }, }, { category: "product_version", name: "oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", product: { name: "oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", product_id: "oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", product_identification_helper: { purl: "pkg:oci/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf?arch=s390x&repository_url=registry.redhat.io/oadp/oadp-velero-rhel8&tag=1.1.6-7", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", product: { name: "oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", product_id: "oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c?arch=s390x&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", product: { name: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", product_id: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24?arch=s390x&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", product: { name: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", product_id: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce?arch=s390x&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", product: { name: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", product_id: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35?arch=s390x&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", product: { name: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", product_id: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c?arch=s390x&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", product: { name: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", product_id: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", product_identification_helper: { purl: "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290?arch=s390x&repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8&tag=1.1.6-6", }, }, }, { category: "product_version", name: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", product: { name: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", product_id: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", product_identification_helper: { purl: "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e?arch=s390x&repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8&tag=1.1.6-5", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", product: { name: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", product_id: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", product_identification_helper: { purl: "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0?arch=amd64&repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", product: { name: "oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", product_id: "oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", product_identification_helper: { purl: "pkg:oci/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88?arch=amd64&repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8&tag=1.1.6-9", }, }, }, { category: "product_version", name: "oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", product: { name: "oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", product_id: "oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", product_identification_helper: { purl: "pkg:oci/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0?arch=amd64&repository_url=registry.redhat.io/oadp/oadp-operator-bundle&tag=1.1.6-14", }, }, }, { category: "product_version", name: "oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", product: { name: "oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", product_id: "oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", product_identification_helper: { purl: "pkg:oci/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49?arch=amd64&repository_url=registry.redhat.io/oadp/oadp-rhel8-operator&tag=1.1.6-6", }, }, }, { category: "product_version", name: "oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", product: { name: "oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", product_id: "oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", product_identification_helper: { purl: "pkg:oci/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111?arch=amd64&repository_url=registry.redhat.io/oadp/oadp-velero-rhel8&tag=1.1.6-7", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", product: { name: "oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", product_id: "oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b?arch=amd64&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", product: { name: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", product_id: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525?arch=amd64&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", product: { name: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", product_id: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96?arch=amd64&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", product: { name: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", product_id: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020?arch=amd64&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", product: { name: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", product_id: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", product_identification_helper: { purl: "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431?arch=amd64&repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8&tag=1.1.6-5", }, }, }, { category: "product_version", name: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", product: { name: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", product_id: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", product_identification_helper: { purl: "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117?arch=amd64&repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8&tag=1.1.6-6", }, }, }, { category: "product_version", name: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", product: { name: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", product_id: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", product_identification_helper: { purl: "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089?arch=amd64&repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8&tag=1.1.6-5", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64 as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", }, product_reference: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", }, product_reference: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", }, product_reference: "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", }, product_reference: "oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64 as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", }, product_reference: "oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", }, product_reference: "oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64 as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", }, product_reference: "oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", }, product_reference: "oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", }, product_reference: "oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64 as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", }, product_reference: "oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", }, product_reference: "oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", }, product_reference: "oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", }, product_reference: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", }, product_reference: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64 as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", }, product_reference: "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64 as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", }, product_reference: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", }, product_reference: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", }, product_reference: "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64 as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", }, product_reference: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", }, product_reference: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", }, product_reference: "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64 as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", }, product_reference: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", }, product_reference: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", }, product_reference: "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64 as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", }, product_reference: "oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", }, product_reference: "oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", }, product_reference: "oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", }, product_reference: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", }, product_reference: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64 as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", }, product_reference: "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", }, product_reference: "oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64 as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", }, product_reference: "oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", }, product_reference: "oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64 as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", }, product_reference: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", }, product_reference: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", relates_to_product_reference: "8Base-OADP-1.1", }, { category: "default_component_of", full_product_name: { name: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le as a component of 8Base-OADP-1.1", product_id: "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", }, product_reference: "oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", relates_to_product_reference: "8Base-OADP-1.1", }, ], }, vulnerabilities: [ { cve: "CVE-2022-21698", cwe: { id: "CWE-772", name: "Missing Release of Resource after Effective Lifetime", }, discovery_date: "2022-01-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2045880", }, ], notes: [ { category: "description", text: "A denial of service attack was found in prometheus/client_golang. This flaw allows an attacker to produce a denial of service attack on an HTTP server by exploiting the InstrumentHandlerCounter function in the version below 1.11.1, resulting in a loss of availability.", title: "Vulnerability description", }, { category: "summary", text: "prometheus/client_golang: Denial of service using InstrumentHandlerCounter", title: "Vulnerability summary", }, { category: "other", text: "This flaw has been rated as having a moderate impact for two main reasons. The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. Additionally, this is in alignment with upstream's (the Prometheus project) impact rating.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", ], known_not_affected: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-21698", }, { category: "external", summary: "RHBZ#2045880", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2045880", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-21698", url: "https://www.cve.org/CVERecord?id=CVE-2022-21698", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-21698", }, { category: "external", summary: "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", url: "https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p", }, ], release_date: "2022-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-09-20T15:43:10+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5314", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "prometheus/client_golang: Denial of service using InstrumentHandlerCounter", }, { acknowledgments: [ { names: [ "Philippe Antoine", ], organization: "Catena Cyber", }, ], cve: "CVE-2022-41723", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-14T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2178358", }, ], notes: [ { category: "description", text: "A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding", title: "Vulnerability summary", }, { category: "other", text: "Within OpenShift Container Platform, the maximum impact of this vulnerability is a denial of service against an individual container so the impact could not cascade across the entire infrastructure, this vulnerability is rated Moderate impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], known_not_affected: [ "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-41723", }, { category: "external", summary: "RHBZ#2178358", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2178358", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-41723", url: "https://www.cve.org/CVERecord?id=CVE-2022-41723", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", }, { category: "external", summary: "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", url: "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h", }, { category: "external", summary: "https://go.dev/cl/468135", url: "https://go.dev/cl/468135", }, { category: "external", summary: "https://go.dev/cl/468295", url: "https://go.dev/cl/468295", }, { category: "external", summary: "https://go.dev/issue/57855", url: "https://go.dev/issue/57855", }, { category: "external", summary: "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", url: "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2023-1571", url: "https://pkg.go.dev/vuln/GO-2023-1571", }, { category: "external", summary: "https://vuln.go.dev/ID/GO-2023-1571.json", url: "https://vuln.go.dev/ID/GO-2023-1571.json", }, ], release_date: "2023-02-17T14:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-09-20T15:43:10+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5314", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding", }, { acknowledgments: [ { names: [ "Jose Gomez", ], organization: "SUSE", }, ], cve: "CVE-2023-2253", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2023-04-26T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2189886", }, ], notes: [ { category: "description", text: "A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vulnerability allows a malicious user to submit an unreasonably large value for `n,` causing the allocation of a massive string array, possibly causing a denial of service through excessive use of memory.", title: "Vulnerability description", }, { category: "summary", text: "distribution/distribution: DoS from malicious API request", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", ], known_not_affected: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-2253", }, { category: "external", summary: "RHBZ#2189886", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2189886", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-2253", url: "https://www.cve.org/CVERecord?id=CVE-2023-2253", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-2253", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-2253", }, { category: "external", summary: "https://www.openwall.com/lists/oss-security/2023/05/09/1", url: "https://www.openwall.com/lists/oss-security/2023/05/09/1", }, ], release_date: "2023-05-09T15:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-09-20T15:43:10+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5314", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "distribution/distribution: DoS from malicious API request", }, { cve: "CVE-2023-24532", cwe: { id: "CWE-682", name: "Incorrect Calculation", }, discovery_date: "2023-07-17T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2223355", }, ], notes: [ { category: "description", text: "A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.", title: "Vulnerability description", }, { category: "summary", text: "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", ], known_not_affected: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-24532", }, { category: "external", summary: "RHBZ#2223355", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2223355", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-24532", url: "https://www.cve.org/CVERecord?id=CVE-2023-24532", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-24532", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-24532", }, { category: "external", summary: "https://go.dev/cl/471255", url: "https://go.dev/cl/471255", }, { category: "external", summary: "https://go.dev/issue/58647", url: "https://go.dev/issue/58647", }, { category: "external", summary: "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY", url: "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2023-1621", url: "https://pkg.go.dev/vuln/GO-2023-1621", }, ], release_date: "2023-03-08T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-09-20T15:43:10+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5314", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results", }, { cve: "CVE-2023-25173", cwe: { id: "CWE-842", name: "Placement of User into Incorrect Group", }, discovery_date: "2023-03-01T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2174485", }, ], notes: [ { category: "description", text: "A flaw was found in containerd, where supplementary groups are not set up properly inside a container. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases. This issue can allow access to sensitive information or gain the ability to execute code in that container.", title: "Vulnerability description", }, { category: "summary", text: "containerd: Supplementary groups are not set up properly", title: "Vulnerability summary", }, { category: "other", text: "The following products include containerd related code, but do not use the specific Go packages impacted by this CVE, `containerd/cri/server` and `containerd/oci`. This CVE is therefore rated Low for these products:\n\n* OpenShift Container Platform\n* OpenShift Service Mesh\n* OpenShift API for Data Protection\n* Red Hat Advanced Cluster Security\n* Red Hat Advanced Cluster Management for Kubernetes", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", ], known_not_affected: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-25173", }, { category: "external", summary: "RHBZ#2174485", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2174485", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-25173", url: "https://www.cve.org/CVERecord?id=CVE-2023-25173", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-25173", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-25173", }, { category: "external", summary: "https://github.com/containerd/containerd/commit/133f6bb6cd827ce35a5fb279c1ead12b9d21460a", url: "https://github.com/containerd/containerd/commit/133f6bb6cd827ce35a5fb279c1ead12b9d21460a", }, { category: "external", summary: "https://github.com/containerd/containerd/releases/tag/v1.5.18", url: "https://github.com/containerd/containerd/releases/tag/v1.5.18", }, { category: "external", summary: "https://github.com/containerd/containerd/releases/tag/v1.6.18", url: "https://github.com/containerd/containerd/releases/tag/v1.6.18", }, { category: "external", summary: "https://github.com/containerd/containerd/security/advisories/GHSA-hmfx-3pcx-653p", url: "https://github.com/containerd/containerd/security/advisories/GHSA-hmfx-3pcx-653p", }, { category: "external", summary: "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/", url: "https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/", }, ], release_date: "2023-02-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-09-20T15:43:10+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5314", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", version: "3.1", }, products: [ "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:1dfac6fee0781915e4ebb373c70046362000d67346b375c4d441990c534a36e0_amd64", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:5d6a3595262d1f631d5ca6de5a64d4fbfc4a5fd2173d1ef2ccc57c31d7837ba1_s390x", "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:6b764b41b4ebbb5efe994a99d3abab3f2a53ef1fa6a2e3554c59b11192ad3be8_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:2446b2e974d79e84550fd1f427734baea05304403e6c1fe4b1da20fe1336869c_ppc64le", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:b37cea8cb5b9e2d58a30ffb52996b0dddbc342de5c4fd8cafd922de09a41ba88_amd64", "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:f86780b780b5f3235bb2f3713e6041bac83693f95f0815bf3f3a2d20520b9ded_s390x", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:0db380188e152ed09fba18d7875f0cfde2313ade9f3ba44aecb78159c29e58a0_amd64", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:40e6807ca08bd03a80e42f2c49dcb001d52d8f1479ca55afcaa93c1766dda8a8_ppc64le", "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:b40b4f2ab35678bc4b75cf3025d6600f5553d1fbc32df821af2b9259ea397d97_s390x", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:3baae16070db22fecbbec513d9b96a915fd14708d4d87ea434899c3b20c7ff49_amd64", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7e2a8e03a58572760aa5727c31fac1715307b96f5b8624a1abcb233f39d8b8c8_ppc64le", "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:b938a900623bdf738a364e1181a72ec3e2d22dc94fd4e89bf6297a7f61bc6cc4_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0444938dd055c74be230890054c37b2dafc1a9c10c9fb0f4fcec8cc8e40d9e24_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:79a5e909cc5975fade1f157de656acce2a28d6feed8e77553dacffb7577b7ecd_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:b6e0aefce8b50e60dde4b6ddb6e348bfbf5fb389f60fc3ba10fea44157393525_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:928d7fce65e9a53d50de03c2bf84407d2ecea6515ec51be2054dc3077f0dec96_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:e9ec1c8592f1e9d8aa9c69d998dc4815ba8c993b8ebe3e1c631d08ce457906c0_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:f6c5764ca302a498562ab2463b7946e305fda1e2ea0f1612f3d009f532d4f0ce_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:0530768bd486887490ffdbd7a3121d64a53ab15b11772a5778145ded9b8ce020_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:39f86bfd840532158569624d538c3444eac26276054ac5eb19e1f7339f9b9b35_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:450e62f4512093e316afbbeb35a8a5d70dbfc802886833a43993ee33aa9ad674_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:3057a9222edca329d67d851ff0f49606b4e3f7238f2dbd2b07c4628cee469431_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:36cb4beaf4e5720c309235d8498367c6513660f52e219f944fa4d8e388cb5c9c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:91c5941ec0e557c0097871ccc1875bf19406b6006d989b0c55ddbd12cd665940_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:142db686f8a8c1aceb82b53e10cc7beb14cb97170ffcf3167ec37dd028ce034b_amd64", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:5ad1cde5f4b1caffada50eb288c502c03c41e64ddd01c36f6f2f4f5165d2f22c_s390x", "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:6e04ef6736c65fed1502a934b8e4b53e8cbd2fefa934d337e2e9872db47a5d6e_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:3f67f719bf707726560908a0df24d5652a63be38ef559b0c30e775f860a97c62_ppc64le", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:7bf9ca8621aa548f979118996f6fb1baf088950b116cd94e8b5950f8fdba4290_s390x", "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:c6fb44b2d571ba3a7d24fffe83935d89b7ec795e638708dfb3231a7a39e57117_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:0ede60afb38f4d840ae4a745982ebea5b977788b5273849192981f594e3553cf_s390x", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:4f7fb098cc236efccc1b6a8192c83f48e43043484d4c2056aca253012c4cc111_amd64", "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:79709f4f69148bcb7d6765481ac444899ef74a4d39136091bd3ff56e1ceaf390_ppc64le", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:849d0269479aafa7b4ba287359a2c5d81e689fc379642a67a739dbd24d392089_amd64", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:c9504c54cef27a3afecbf7fcca10a18a206dc7949d58eda6de86b5b25aaf383e_s390x", "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:e41c45c4d51bc528b5ab7d9fbc6e3185f610614b037915f5575a5fa49b4febb5_ppc64le", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "containerd: Supplementary groups are not set up properly", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.