rhsa-2023_0264
Vulnerability from csaf_redhat
Published
2023-01-19 11:03
Modified
2024-11-06 02:14
Summary
Red Hat Security Advisory: Red Hat OpenShift (Logging Subsystem) security update
Notes
Topic
An update for Logging Subsystem (5.6.0) is now available for Red Hat OpenShift Container Platform.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Logging Subsystem 5.6.0 - Red Hat OpenShift
* logging-view-plugin-container: loader-utils: prototype pollution in function parseQuery in parseQuery.js (CVE-2022-37601)
* logging-elasticsearch6-container: jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)
* logging-loki-container: various flaws (CVE-2022-2879 CVE-2022-2880 CVE-2022-41715)
* logging-loki-container: golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)
* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)
* org.elasticsearch-elasticsearch: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* org.elasticsearch-elasticsearch: jackson-databind: use of deeply nested arrays (CVE-2022-42004)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for Logging Subsystem (5.6.0) is now available for Red Hat OpenShift Container Platform.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Logging Subsystem 5.6.0 - Red Hat OpenShift\n\n* logging-view-plugin-container: loader-utils: prototype pollution in function parseQuery in parseQuery.js (CVE-2022-37601)\n* logging-elasticsearch6-container: jackson-databind: denial of service via a large depth of nested objects (CVE-2020-36518)\n* logging-loki-container: various flaws (CVE-2022-2879 CVE-2022-2880 CVE-2022-41715)\n* logging-loki-container: golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)\n* org.elasticsearch-elasticsearch: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n* org.elasticsearch-elasticsearch: jackson-databind: use of deeply nested arrays (CVE-2022-42004)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0264", "url": "https://access.redhat.com/errata/RHSA-2023:0264" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2064698", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698" }, { "category": "external", "summary": "2124668", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668" }, { "category": "external", "summary": "2124669", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669" }, { "category": "external", "summary": "2132867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867" }, { "category": "external", "summary": "2132868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868" }, { "category": "external", "summary": "2132872", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872" }, { "category": "external", "summary": "2134876", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134876" }, { "category": "external", "summary": "2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "LOG-2217", "url": "https://issues.redhat.com/browse/LOG-2217" }, { "category": "external", "summary": "LOG-2620", "url": "https://issues.redhat.com/browse/LOG-2620" }, { "category": "external", "summary": "LOG-2819", "url": "https://issues.redhat.com/browse/LOG-2819" }, { "category": "external", "summary": "LOG-2822", "url": "https://issues.redhat.com/browse/LOG-2822" }, { "category": "external", "summary": "LOG-2843", "url": "https://issues.redhat.com/browse/LOG-2843" }, { "category": "external", "summary": "LOG-2919", "url": "https://issues.redhat.com/browse/LOG-2919" }, { "category": "external", "summary": "LOG-2962", "url": "https://issues.redhat.com/browse/LOG-2962" }, { "category": "external", "summary": "LOG-2993", "url": "https://issues.redhat.com/browse/LOG-2993" }, { "category": "external", "summary": "LOG-3072", "url": "https://issues.redhat.com/browse/LOG-3072" }, { "category": "external", "summary": "LOG-3090", "url": "https://issues.redhat.com/browse/LOG-3090" }, { "category": "external", "summary": "LOG-3129", "url": "https://issues.redhat.com/browse/LOG-3129" }, { "category": "external", "summary": "LOG-3157", "url": "https://issues.redhat.com/browse/LOG-3157" }, { "category": "external", "summary": "LOG-3161", "url": "https://issues.redhat.com/browse/LOG-3161" }, { "category": "external", "summary": "LOG-3168", "url": "https://issues.redhat.com/browse/LOG-3168" }, { "category": "external", "summary": "LOG-3169", "url": "https://issues.redhat.com/browse/LOG-3169" }, { "category": "external", "summary": "LOG-3180", "url": "https://issues.redhat.com/browse/LOG-3180" }, { "category": "external", "summary": "LOG-3186", "url": "https://issues.redhat.com/browse/LOG-3186" }, { "category": "external", "summary": "LOG-3194", "url": "https://issues.redhat.com/browse/LOG-3194" }, { "category": "external", "summary": "LOG-3195", "url": "https://issues.redhat.com/browse/LOG-3195" }, { "category": "external", "summary": "LOG-3208", "url": "https://issues.redhat.com/browse/LOG-3208" }, { "category": "external", "summary": "LOG-3224", "url": "https://issues.redhat.com/browse/LOG-3224" }, { "category": "external", "summary": "LOG-3235", "url": "https://issues.redhat.com/browse/LOG-3235" }, { "category": "external", "summary": "LOG-3286", "url": "https://issues.redhat.com/browse/LOG-3286" }, { "category": "external", "summary": "LOG-3292", "url": "https://issues.redhat.com/browse/LOG-3292" }, { "category": "external", "summary": "LOG-3296", "url": "https://issues.redhat.com/browse/LOG-3296" }, { "category": "external", "summary": "LOG-3309", "url": "https://issues.redhat.com/browse/LOG-3309" }, { "category": "external", "summary": "LOG-3324", "url": "https://issues.redhat.com/browse/LOG-3324" }, { "category": "external", "summary": "LOG-3331", "url": "https://issues.redhat.com/browse/LOG-3331" }, { "category": "external", "summary": "LOG-3446", "url": "https://issues.redhat.com/browse/LOG-3446" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0264.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift (Logging Subsystem) security update", "tracking": { "current_release_date": "2024-11-06T02:14:54+00:00", "generator": { "date": "2024-11-06T02:14:54+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2023:0264", "initial_release_date": "2023-01-19T11:03:41+00:00", "revision_history": [ { "date": "2023-01-19T11:03:41+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-01-19T11:03:41+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-06T02:14:54+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHOL 5.6 for RHEL 8", "product": { "name": "RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:logging:5.6::el8" } } } ], "category": "product_family", "name": "logging for Red Hat OpenShift" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.0-68" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.0-21" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-331" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-91" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-270" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-285" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "product_id": "openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-72" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "product_id": "openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-71" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "product_id": "openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-322" } } }, { "category": "product_version", "name": "openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "product": { "name": "openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "product_id": "openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "product_identification_helper": { "purl": "pkg:oci/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.1-8" } } }, { "category": "product_version", "name": "openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "product": { "name": "openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "product_id": "openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "product_identification_helper": { "purl": "pkg:oci/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-46" } } }, { "category": "product_version", "name": "openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "product": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "product_identification_helper": { "purl": "pkg:oci/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.0-28" } } }, { "category": "product_version", "name": "openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "product": { "name": "openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "product_id": "openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "product_identification_helper": { "purl": "pkg:oci/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.0-53" } } }, { "category": "product_version", "name": "openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "product": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "product_identification_helper": { "purl": "pkg:oci/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-110" } } }, { "category": "product_version", "name": "openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "product": { "name": "openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "product_id": "openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "product_identification_helper": { "purl": "pkg:oci/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-43" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.0-68" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.0-21" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-331" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-91" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-270" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-285" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "product_id": "openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-72" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "product_id": "openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-71" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "product_id": "openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-322" } } }, { "category": "product_version", "name": "openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x", "product": { "name": "openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x", "product_id": "openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.1-8" } } }, { "category": "product_version", "name": "openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "product": { "name": "openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "product_id": "openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "product_identification_helper": { "purl": "pkg:oci/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-46" } } }, { "category": "product_version", "name": "openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "product": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.0-28" } } }, { "category": "product_version", "name": "openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "product": { "name": "openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "product_id": "openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "product_identification_helper": { "purl": "pkg:oci/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.0-53" } } }, { "category": "product_version", "name": "openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "product": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "product_identification_helper": { "purl": "pkg:oci/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-110" } } }, { "category": "product_version", "name": "openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "product": { "name": "openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "product_id": "openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "product_identification_helper": { "purl": "pkg:oci/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-43" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.0-68" } } }, { "category": "product_version", "name": "openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "product": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.6.0-142" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.0-21" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "product": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.6.0-130" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-331" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-91" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-270" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-285" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "product_id": "openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-72" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "product_id": "openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-71" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "product_id": "openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-322" } } }, { "category": "product_version", "name": "openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "product": { "name": "openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "product_id": "openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.1-8" } } }, { "category": "product_version", "name": "openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "product": { "name": "openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "product_id": "openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "product_identification_helper": { "purl": "pkg:oci/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-46" } } }, { "category": "product_version", "name": "openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "product": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.0-28" } } }, { "category": "product_version", "name": "openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "product": { "name": "openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "product_id": "openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "product_identification_helper": { "purl": "pkg:oci/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.6.0-172" } } }, { "category": "product_version", "name": "openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "product": { "name": "openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "product_id": "openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "product_identification_helper": { "purl": "pkg:oci/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.0-53" } } }, { "category": "product_version", "name": "openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "product": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "product_identification_helper": { "purl": "pkg:oci/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-110" } } }, { "category": "product_version", "name": "openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "product": { "name": "openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "product_id": "openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "product_identification_helper": { "purl": "pkg:oci/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-43" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.0-68" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.0-21" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-331" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-91" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-270" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-285" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "product_id": "openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-72" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "product_id": "openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-71" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "product_id": "openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-322" } } }, { "category": "product_version", "name": "openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "product": { "name": "openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "product_id": "openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.1-8" } } }, { "category": "product_version", "name": "openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le", "product": { "name": "openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le", "product_id": "openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le", "product_identification_helper": { "purl": "pkg:oci/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-46" } } }, { "category": "product_version", "name": "openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "product": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.0-28" } } }, { "category": "product_version", "name": "openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "product": { "name": "openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "product_id": "openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "product_identification_helper": { "purl": "pkg:oci/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.0-53" } } }, { "category": "product_version", "name": "openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "product": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-110" } } }, { "category": "product_version", "name": "openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "product": { "name": "openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "product_id": "openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "product_identification_helper": { "purl": "pkg:oci/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-43" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64" }, "product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64" }, "product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le" }, "product_reference": "openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64" }, "product_reference": "openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64" }, "product_reference": "openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" }, "product_reference": "openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64" }, "product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le" }, "product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x" }, "product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64" }, "product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64" }, "product_reference": "openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le" }, "product_reference": "openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64" }, "product_reference": "openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x" }, "product_reference": "openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64" }, "product_reference": "openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x" }, "product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le" }, "product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64" }, "product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64" }, "product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x" }, "product_reference": "openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64" }, "product_reference": "openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64" }, "product_reference": "openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le" }, "product_reference": "openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64" }, "product_reference": "openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x" }, "product_reference": "openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64" }, "product_reference": "openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" }, "product_reference": "openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-36518", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-03-16T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2064698" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: denial of service via a large depth of nested objects", "title": "Vulnerability summary" }, { "category": "other", "text": "CodeReady Studio is no longer supported and therefore this flaw will not be addressed in CodeReady Studio.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64" ], "known_not_affected": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-36518" }, { "category": "external", "summary": "RHBZ#2064698", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064698" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-36518", "url": "https://www.cve.org/CVERecord?id=CVE-2020-36518" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36518" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-57j2-w4cx-62h2", "url": "https://github.com/advisories/GHSA-57j2-w4cx-62h2" } ], "release_date": "2020-08-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-19T11:03:41+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: denial of service via a large depth of nested objects" }, { "acknowledgments": [ { "names": [ "Adam Korczynski" ], "organization": "ADA Logics" }, { "names": [ "OSS-Fuzz" ] } ], "cve": "CVE-2022-2879", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2022-10-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2132867" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: archive/tar: unbounded memory consumption when reading headers", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ], "known_not_affected": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-2879" }, { "category": "external", "summary": "RHBZ#2132867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-2879", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879" }, { "category": "external", "summary": "https://github.com/golang/go/issues/54853", "url": "https://github.com/golang/go/issues/54853" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1", "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1" } ], "release_date": "2022-10-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-19T11:03:41+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: archive/tar: unbounded memory consumption when reading headers" }, { "acknowledgments": [ { "names": [ "Daniel Abeles" ], "organization": "Head of Research, Oxeye" }, { "names": [ "Gal Goldstein" ], "organization": "Security Researcher, Oxeye" } ], "cve": "CVE-2022-2880", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2022-10-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2132868" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ], "known_not_affected": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-2880" }, { "category": "external", "summary": "RHBZ#2132868", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880", "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880" }, { "category": "external", "summary": "https://github.com/golang/go/issues/54663", "url": "https://github.com/golang/go/issues/54663" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1", "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1" } ], "release_date": "2022-10-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-19T11:03:41+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters" }, { "cve": "CVE-2022-27664", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-09-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2124669" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package. In net/http in Go, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if a fatal error preempts the shutdown.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http: handle server errors after sending GOAWAY", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ], "known_not_affected": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-27664" }, { "category": "external", "summary": "RHBZ#2124669", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-27664", "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664" }, { "category": "external", "summary": "https://go.dev/issue/54658", "url": "https://go.dev/issue/54658" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", "url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ" } ], "release_date": "2022-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-19T11:03:41+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http: handle server errors after sending GOAWAY" }, { "cve": "CVE-2022-32190", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)" }, "discovery_date": "2022-09-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2124668" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package. The JoinPath doesn\u0027t remove the ../ path components appended to a domain that is not terminated by a slash, possibly leading to a directory traversal attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/url: JoinPath does not strip relative path components in all circumstances", "title": "Vulnerability summary" }, { "category": "other", "text": "The vulnerable functions, JoinPath and URL.JoinPath was introduced in upstream go1.19, whereas, RHEL ships go1.17 and go1.18 versions, which does not contain the vulnerable code. Hence, packages shipped with RHEL-8, RHEL-9 are not affected.\n\nAll Y stream releases of OpenShift Container Platform 4 run on RHEL-8 or RHEL-9, so OCP 4 is also not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ], "known_not_affected": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-32190" }, { "category": "external", "summary": "RHBZ#2124668", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-32190", "url": "https://www.cve.org/CVERecord?id=CVE-2022-32190" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32190" }, { "category": "external", "summary": "https://go.dev/issue/54385", "url": "https://go.dev/issue/54385" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ", "url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s/m/0tgO0pjiBQAJ" } ], "release_date": "2022-09-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-19T11:03:41+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/url: JoinPath does not strip relative path components in all circumstances" }, { "cve": "CVE-2022-37601", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-10-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134876" } ], "notes": [ { "category": "description", "text": "A prototype pollution vulnerability was found in the parseQuery function in parseQuery.js in the webpack loader-utils via the name variable in parseQuery.js. This flaw can lead to a denial of service or remote code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "loader-utils: prototype pollution in function parseQuery in parseQuery.js", "title": "Vulnerability summary" }, { "category": "other", "text": "Packages shipped in Red Hat Enterprise Linux use \u0027loader-utils\u0027 as a transitive dependency. Thus, reducing the impact to Moderate.\n\nIn Red Hat containerized products like OCP and ODF, the vulnerable loader-utils NodeJS module is bundled as a transitive dependency, hence the direct impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64" ], "known_not_affected": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-37601" }, { "category": "external", "summary": "RHBZ#2134876", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134876" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-37601", "url": "https://www.cve.org/CVERecord?id=CVE-2022-37601" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37601", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37601" }, { "category": "external", "summary": "https://github.com/webpack/loader-utils/issues/212", "url": "https://github.com/webpack/loader-utils/issues/212" } ], "release_date": "2022-10-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-19T11:03:41+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "loader-utils: prototype pollution in function parseQuery in parseQuery.js" }, { "acknowledgments": [ { "names": [ "Adam Korczynski" ], "organization": "ADA Logics" }, { "names": [ "OSS-Fuzz" ] } ], "cve": "CVE-2022-41715", "discovery_date": "2022-10-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2132872" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: regexp/syntax: limit memory used by parsing regexps", "title": "Vulnerability summary" }, { "category": "other", "text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ], "known_not_affected": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41715" }, { "category": "external", "summary": "RHBZ#2132872", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715" }, { "category": "external", "summary": "https://github.com/golang/go/issues/55949", "url": "https://github.com/golang/go/issues/55949" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1", "url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1" } ], "release_date": "2022-10-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-19T11:03:41+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: regexp/syntax: limit memory used by parsing regexps" }, { "cve": "CVE-2022-42003", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135244" } ], "notes": [ { "category": "description", "text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64" ], "known_not_affected": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42003" }, { "category": "external", "summary": "RHBZ#2135244", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-19T11:03:41+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS" }, { "cve": "CVE-2022-42004", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "discovery_date": "2022-10-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2135247" } ], "notes": [ { "category": "description", "text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.", "title": "Vulnerability description" }, { "category": "summary", "text": "jackson-databind: use of deeply nested arrays", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64" ], "known_not_affected": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:5d23a3070de2f99187bdbfa22d174a6c2cc3f649041c3b245fbb09716d43ef26_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:68fb404f3a4c9ed1801943fa2ebe881f3bba7756eb07167897e0e314976fb2d5_ppc64le", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6bb28d1d4b02ca917b0b9bde85f19701dcb2622e9f2edb8763701c6dfe0e24cf_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:790a836cc11b2c00da7192b9b015b60f37aae1b16d667dec1bebd42c350b2914_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:c7e150a9ca0a73f408a75c10938d0fe9d40119a3820819911b79e288816ed964_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:ffd0eca485e307aecb2c63b55d0b3c12cef7df50462f84bd29d35acec35f5463_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7118d1063e36241c329aba318e4e1e9b786ed190dcdcad4bd47bcbbb3ed403d1_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a9cfe6cfab32fde71adafc7610e002aaa0c46de9d650083d77b52b3a35703ead_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e3170b6c62d4bb4dc6ca77c57005ba71ddb844767d69dd13b61aa2e333577e8e_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:f24b8dd673576e03b5e759a3b906e176e1f72704050483d06e2403415e7ca9d7_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:2711fac0ffede01998c444552e354bb000fbfddbb92989e1b65378f26fbcd127_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4afba3e79b74b131daf317ff257794d41af443722e3412aabed88f7c14dbc136_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:4fe4f86fa912c533b67c3c51ded894914d2de64adb829cd5483de2138e7a7c8c_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:b81c24ca60bf144b5abea582b60d669ccbb4f3c4bf920fde596b466831822a3e_amd64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:4d45dc2403cdde02b556e5ee0ef8d09403bf602de26dbd291e7d4d173154d593_arm64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c22141221795a43d5d7f62400a9e8a29a88426cc48d53ace5cd53b9e5fad179b_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:c65ce2a082ca42db7aa154a35e1e64b0ea97abad232411e28d64d7be0b8f7b40_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:efb0d4ccc141ed513e1763aa3d3c290590f099f7ff6bc66a4f0fb05a1e816357_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:3a950c73793a13c854e70e5149a06432217751ddb123b74f1c0b464a6f6330bb_ppc64le", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:ed63f88f55cd7a37a79d6f55f43ed66f03df81eff2c5cfbd80c815c0a228c23e_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:edec56f852ed44006e02b8774725d9a53a31262b1686f0eb64a9499e1182e869_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f1b6f8da207711125204805b14b33e00df196478291fb8092f6935c23616017e_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:20d4683b3d58dc8cecb212e4228f9be17683669f0468d3d5a19f79f9288bf050_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:c94e490f2db36788c4ef8fdfddf1f9015820fe566b521e5675e9c21ffd6dd268_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:e469e40ff731d17a9e6139d7ea07dc6a3be04bbd0663f57aaa0df95ca4bd4015_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:f417563e42f6c48b87c563d19211bf109d6f04294ad4c9c8d565a8f03e7a98f2_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:2e0198621752c21e91880c43e0e9422a47a9c0896a203db650627b94d0bdca3f_s390x", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:724138ce2f29e8f8e15a190b7b99f78f65130b6e3136defd419ba1e45cdb2fef_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:8ea6f2d793049e2c1e36d9680d9a10c5f9b36bbdeb9b04da046f12a8458889e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:de74ce01341c7d828f2062761a0a55d26d9404c037660b5375e24d6852a75776_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:2e2a06e0d36b930c8a9377d2dddb1f38084fe63a9b64f6ea08387354d5387643_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:738813a7633e6ad5157023bb5d6be4a183b26efdf57ea97f24fe58f482dd478f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:918c79919caf0cdf08f3f35c1537472893ab3765f19950ccd0b2dd88c2f66464_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:ab8c4d7a32d21a47cf8918d0f9e14bedbb441c29210b4218f18e6166687d3918_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:1d7363ec7ab256aa0855153d6b60dda68f97f526bf3cc74c56e01a0fa729ee3f_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3aece4f28845789d752cf8bb1fe9576ed744a04037ab4c377df612e58f7f1594_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a49d73d230c4e869322ffc622edd1afa772143a16f972faf5789a94e0e082dcc_arm64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:a7bd9cea0fb94dcbf5e7656d5478f02cbdd98cf68df15d6944488be1bf3139df_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:028d9723585dd67607a3b37562107fbb1c909a241d8493e70aa32511d985f051_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:1ece8f1ac42a23e083a2c0ecc85d5bb54b9cf0bc456b3bb22a42cbe84505ac23_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:5a67525a4f1f68aba4af8c7414d98d30f99280d5d135e1e00d5b72558fd06357_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:86e2e187ef7ccf6db444d39b4e2d3c192b9a9dff8594eefb71caedd134574cbb_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:e76e2484009b14313587ed664d2e25972328a20e25395f10ddc1d74add74e894_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0321c12065ce746b2816a13de56e6ba3a9249ca8cd4af8be323cc07bcbb88122_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:0fd489d18145e3b377f1fc09e9f8e8b810b1cf5d7eeedb6e5a156b768105ffc8_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6b943512129de2f170a8fcc339c1d7a03428c3c67d703692507c24a81d706968_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:b928fad29ba5e0329eced4d762887a375cea06cbbb0fc3b7beddb1c8057dccb0_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:013c8de091db9550fc2d1e78289d9a3e7e28409c314f3c63d19b0e5ffe3ab62f_s390x", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:10c7951328a81f2de9b7ecc91f3fd3d4bc822fa86f21f8a53d25c135248bc5c2_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:6faf9a67fd1e9f57358409f6afdc45f3df94d6aa7d1eba7be3fe369dc5956c4f_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:9a769e66142bb770bdb7010aefd0a0459205f08509e3e012fe68913390cba464_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:232ab968f4939f7033e766368b6b8bcee1c95b23f50d882046770389fc08d239_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ae2561c4d894a080f843f4e1c094800d4001bff0f5e85a6add7d9d80b026418a_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:e29725dbfb9ec4987166b65635cc3d9cd51ef70dd4276ebe4440c4d838dc37cc_amd64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:ff883b736157042771802f19c84eb6c420736437dc74022127edcf277d7f0729_ppc64le", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:3e71263bd9c7f0654a1e6d301b6a48be3b08afb162f52466e7343c3dc651b8d1_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:55bd4ac20eeb722e3f9d3f84f5f66917cfdea1e84e39c7580e5934b9e1317fdb_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:a8686cd3895df86eaf7bfb57113e3d8c99feeea34fdf8b0e84d536e902f0c791_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:babd18762568da07bd303280429f825b736fe423c4122d402da8d2defd5df030_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42004" }, { "category": "external", "summary": "RHBZ#2135247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004" } ], "release_date": "2022-10-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-19T11:03:41+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0264" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:7883cee3de6e04b2c740b3e24c1eaed17b89248a8415e97ab85e695dc6388598_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:a31f98d2deaf78d52c68a3f861ba09db418d1eba5db9b29cc78cc7a23cfb2675_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:acf7b739c2205fed8946d09d1c5ba2c7adeb2347fb18ac373c28618ad7d63299_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c1c89eb7e7d5908c46db46dbc1e6eb80ed5f51fe994df0b7f6f9c4549975d406_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jackson-databind: use of deeply nested arrays" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.