rhsa-2023_1174
Vulnerability from csaf_redhat
Published
2023-03-09 01:24
Modified
2024-11-13 23:56
Summary
Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.2 security and bug fix update
Notes
Topic
OpenShift API for Data Protection (OADP) 1.1.2 is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.
Security Fix(es) from Bugzilla:
* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)
* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)
* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)
* golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift API for Data Protection (OADP) 1.1.2 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.\n\nSecurity Fix(es) from Bugzilla:\n\n* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)\n\n* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)\n\n* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\n\n* golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1174",
"url": "https://access.redhat.com/errata/RHSA-2023:1174"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "OADP-1056",
"url": "https://issues.redhat.com/browse/OADP-1056"
},
{
"category": "external",
"summary": "OADP-1150",
"url": "https://issues.redhat.com/browse/OADP-1150"
},
{
"category": "external",
"summary": "OADP-1217",
"url": "https://issues.redhat.com/browse/OADP-1217"
},
{
"category": "external",
"summary": "OADP-1256",
"url": "https://issues.redhat.com/browse/OADP-1256"
},
{
"category": "external",
"summary": "OADP-1289",
"url": "https://issues.redhat.com/browse/OADP-1289"
},
{
"category": "external",
"summary": "OADP-290",
"url": "https://issues.redhat.com/browse/OADP-290"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1174.json"
}
],
"title": "Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.2 security and bug fix update",
"tracking": {
"current_release_date": "2024-11-13T23:56:37+00:00",
"generator": {
"date": "2024-11-13T23:56:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2023:1174",
"initial_release_date": "2023-03-09T01:24:50+00:00",
"revision_history": [
{
"date": "2023-03-09T01:24:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-03-09T01:24:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-13T23:56:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-OADP-1.1",
"product": {
"name": "8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_api_data_protection:1.1::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift API for Data Protection"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.1.2-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.1.2-26"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002_s390x",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002_s390x",
"product_id": "oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.1.2-31"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x",
"product_id": "oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.1.2-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x",
"product_id": "oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.1.2-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.1.2-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.1.2-13"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.1.2-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.1.2-26"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24_ppc64le",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24_ppc64le",
"product_id": "oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.1.2-31"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le",
"product_id": "oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.1.2-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"product_id": "oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.1.2-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.1.2-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.1.2-13"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel8\u0026tag=1.1.2-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64",
"product": {
"name": "oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64",
"product_id": "oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel8\u0026tag=1.1.2-26"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27_amd64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27_amd64",
"product_id": "oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.1.2-31"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64",
"product": {
"name": "oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64",
"product_id": "oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel8-operator\u0026tag=1.1.2-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"product": {
"name": "oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"product_id": "oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel8\u0026tag=1.1.2-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64",
"product_id": "oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel8\u0026tag=1.1.2-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel8\u0026tag=1.1.2-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64",
"product": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64",
"product_id": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-volume-snapshot-mover-rhel8\u0026tag=1.1.2-13"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le"
},
"product_reference": "oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24_ppc64le"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27_amd64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002_s390x"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le"
},
"product_reference": "oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x"
},
"product_reference": "oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le",
"relates_to_product_reference": "8Base-OADP-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64 as a component of 8Base-OADP-1.1",
"product_id": "8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64"
},
"product_reference": "oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64",
"relates_to_product_reference": "8Base-OADP-1.1"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-2879",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where Reader.Read does not set a limit on the maximum size of file headers. After fixing, Reader.Read limits the maximum size of header blocks to 1 MiB. This flaw allows a maliciously crafted archive to cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: unbounded memory consumption when reading headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2879"
},
{
"category": "external",
"summary": "RHBZ#2132867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2879"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54853",
"url": "https://github.com/golang/go/issues/54853"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-09T01:24:50+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1174"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: unbounded memory consumption when reading headers"
},
{
"acknowledgments": [
{
"names": [
"Daniel Abeles"
],
"organization": "Head of Research, Oxeye"
},
{
"names": [
"Gal Goldstein"
],
"organization": "Security Researcher, Oxeye"
}
],
"cve": "CVE-2022-2880",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132868"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After the fix, the reverse proxy sanitizes the query parameters in the forwarded query when the outbound request\u0027s form field is set after the reverse proxy. The director function returns, indicating that the proxy has parsed the query parameters. Proxies that do not parse query parameters continue to forward the original query parameters unchanged.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity to exploit this vulnerability is limited to the Golang runtime. In the case of the OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-2880"
},
{
"category": "external",
"summary": "RHBZ#2132868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2880"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/54663",
"url": "https://github.com/golang/go/issues/54663"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-09T01:24:50+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1174"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters"
},
{
"acknowledgments": [
{
"names": [
"Adam Korczynski"
],
"organization": "ADA Logics"
},
{
"names": [
"OSS-Fuzz"
]
}
],
"cve": "CVE-2022-41715",
"discovery_date": "2022-10-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2132872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang package, where programs that compile regular expressions from untrusted sources are vulnerable to memory exhaustion or a denial of service. The parsed regexp representation is linear in the input size. Still, in some cases, the constant factor can be as high as 40,000, making a relatively small regexp consume larger amounts of memory. After the fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Routine use of regular expressions is unaffected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: regexp/syntax: limit memory used by parsing regexps",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The opportunity for a Denial of Service is limited to the golang runtime. In the case of OpenShift Container Platform, this would be restricted within each individual container. There are multiple layers of guide rails (Golang\u2019s Garbage Collector; OpenShift\u2019s resource constraints imposed at the container and cluster levels) which would require a malicious user to continue submitting attacks for there to be any enduring impact. They would also need access to external server resources to be able to send a massive volume of requests to cause a significant impact on server operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41715"
},
{
"category": "external",
"summary": "RHBZ#2132872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41715"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/55949",
"url": "https://github.com/golang/go/issues/55949"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/xtuG5faxtaU?pli=1"
}
],
"release_date": "2022-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-09T01:24:50+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1174"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: regexp/syntax: limit memory used by parsing regexps"
},
{
"cve": "CVE-2022-41717",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-01-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2161274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64"
],
"known_not_affected": [
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:9176a624a42b1d54f55a71a599f0ca80be7fd81894783e36fcc268227d694f24_ppc64le",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:a09561642d2e4016ed90e7850f2891a4c9cf89c7f3693392763d1ccf57096c27_amd64",
"8Base-OADP-1.1:oadp/oadp-operator-bundle@sha256:fb9c4f7ff88c95bc8125610339ccd25f04033c3d4194ef3435cf67a7123e9002_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41717"
},
{
"category": "external",
"summary": "RHBZ#2161274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717"
},
{
"category": "external",
"summary": "https://go.dev/cl/455635",
"url": "https://go.dev/cl/455635"
},
{
"category": "external",
"summary": "https://go.dev/cl/455717",
"url": "https://go.dev/cl/455717"
},
{
"category": "external",
"summary": "https://go.dev/issue/56350",
"url": "https://go.dev/issue/56350"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ",
"url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2022-1144",
"url": "https://pkg.go.dev/vuln/GO-2022-1144"
}
],
"release_date": "2022-11-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-03-09T01:24:50+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1174"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:2592551270d7dbb3aeff227eeb06c20ca14641e6f8f7f59f7ec2d5b38d740008_s390x",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:3548d98637c8573c036e28121f61c3429d5061cb32a193eb71394b2103089c6d_amd64",
"8Base-OADP-1.1:oadp/oadp-kubevirt-velero-plugin-rhel8@sha256:ebdf2c40a0ca3871e085f5b1ee8653d9074d6417b00cc740a3290ee3af3169ee_ppc64le",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:1d7f1f396fe68805c144d1a538ba464f5a1efaa8cb09c9069cdbf69a6bb77c6f_s390x",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:3c296126466e6d5795ea325c06d8e9f477f58aa5f5f83d9cfaec7df7b9429c5f_amd64",
"8Base-OADP-1.1:oadp/oadp-mustgather-rhel8@sha256:ee2a7436fe117ae745c721cabd51c2779a0c1d6b2f67c2b3b7ee182c17a74061_ppc64le",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:71f603874bc47c4a2ceb968687de865ef0f28b08d077e83026bb401bd9ae8748_amd64",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:7fa56d2a84a3be27d149e624be0385590e6b2193974373b2c829b322e28e270b_s390x",
"8Base-OADP-1.1:oadp/oadp-rhel8-operator@sha256:dcddfcc46a0c0a904fc0b444bbc4dbd8f04bf577d5a7be49524cb0b52b2a0abe_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:0df302701b9ce8ff480ab417eb8752c2782469f6bc0131570ca3c063f7d6a96d_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:3503e8a706e573d498bd1ee21561a1612e33b4e3ca6d4ad9d97338681dc3cdf7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-aws-rhel8@sha256:60b69812981b289b5e7e3052ceb2d5a7c0c14a9353aed10ad8f3da89f0674079_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:5d76a818dd642216f0a20b5324aa2125306e1cdfafc06a968da66537a589e0c2_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:6647c6226f0d688aa0509bf3975c9c5cf7fb36ca19fa79e33e37ff97598ed7f5_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-csi-rhel8@sha256:fbde2697cb2e57aa7d6655534c3677c5fc86b19710a7b870f1c6b9003033b4e8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:000c106d6f3df71a7bfe7f4dab2705eae66075f47ae9a79cdbe9b7c092a7f969_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:99e71ef7d2317bae5967978efaf0557a2f4cb346504646bb2c42f9b1f890a1e2_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-gcp-rhel8@sha256:a8fdc9851bac1b31f446e149d24511bd31f1a4b0a5836493cad923a58ad19399_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:b2034cbd6c4b42f832cb02c49d224ea8c51097db4eae35955f66543fae1867a8_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:bd3898823b9634235e5b17793b42fb67ecb28758c3ed63eca2e51be3fe415c14_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-for-microsoft-azure-rhel8@sha256:ca4895fc7d135749e88c33ed819fc41e08d216ca4b53abf488a68b4659b035ee_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:34af5f104eb6bf621eb85eb91adea036f738eba6a343dbb1b8e10f529461f152_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:b6c30ed53411f9e427e28e5768d330e3325ecd0e9f8cc999c8c5e94c2f639faa_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-plugin-rhel8@sha256:ee21d5439e5cda864e4c6bb3f24d30fb1a63a562ec16dcae9d0205fcc39d9970_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:021392da75c14255a6381a1ace934f7a546de5dccd38ab8a8bdc43a45b4fd7eb_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:0a6abd7813f4588a00dbf6a2d34c000b74329e7018fb794a89db369511782c3c_s390x",
"8Base-OADP-1.1:oadp/oadp-velero-restic-restore-helper-rhel8@sha256:130d858d1ee18d0e1cad5368298c8916b7708f6755cfd80e3d1975c0e91ddca8_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:9dfd605af04df668214f21f19da41dfd669fc905a3888ddb178f285cef5b03e3_amd64",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d440e26f11f81d795c5b41b4110aea350b6475d42bc0f6dcc442f5808aaca9d7_ppc64le",
"8Base-OADP-1.1:oadp/oadp-velero-rhel8@sha256:d472102becfa09546580fd54704e2b1556398c5d0a0362a99fc108debff6954d_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:225b98dba7f2f210b4684f256b5abf2058e7d45db64f0bc7f46891832fc11315_s390x",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:97068c64c6eb54a26f665eeac2ff0b4e23ec97b6421044cbaa31093e9b797b62_ppc64le",
"8Base-OADP-1.1:oadp/oadp-volume-snapshot-mover-rhel8@sha256:be374c3070caf23563762952b8b181721f3869761fc837ee9b5d67d317031169_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.