rhsa-2023_5029
Vulnerability from csaf_redhat
Published
2023-09-08 13:00
Modified
2024-11-06 03:38
Summary
Red Hat Security Advisory: Red Hat OpenShift GitOps security update
Notes
Topic
An update is now available for Red Hat OpenShift GitOps 1.9.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Security Fix(es):
* ArgoCD: secrets can be leaked through kubectl.kubernetes.io/last-applied-configuration (CVE-2023-40029)
* ArgoCD: Denial of Service to Argo CD repo-server (CVE-2023-40584)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift GitOps 1.9.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Security Fix(es):\n\n* ArgoCD: secrets can be leaked through kubectl.kubernetes.io/last-applied-configuration (CVE-2023-40029)\n\n* ArgoCD: Denial of Service to Argo CD repo-server (CVE-2023-40584)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:5029",
"url": "https://access.redhat.com/errata/RHSA-2023:5029"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "2233203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233203"
},
{
"category": "external",
"summary": "2236530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236530"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5029.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift GitOps security update",
"tracking": {
"current_release_date": "2024-11-06T03:38:33+00:00",
"generator": {
"date": "2024-11-06T03:38:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2023:5029",
"initial_release_date": "2023-09-08T13:00:32+00:00",
"revision_history": [
{
"date": "2023-09-08T13:00:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-09-08T13:00:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-06T03:38:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.9",
"product": {
"name": "Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.9::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:03d223c3928b2284d2ab6870652a8a34bb56e05f52388f0f90174da05f670535_arm64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:03d223c3928b2284d2ab6870652a8a34bb56e05f52388f0f90174da05f670535_arm64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:03d223c3928b2284d2ab6870652a8a34bb56e05f52388f0f90174da05f670535_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:03d223c3928b2284d2ab6870652a8a34bb56e05f52388f0f90174da05f670535?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:d29dcb4565dfa3750254ac943059452c7f9e8f6c6ff7ca1ea19ac8e51bd10b1b_arm64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:d29dcb4565dfa3750254ac943059452c7f9e8f6c6ff7ca1ea19ac8e51bd10b1b_arm64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:d29dcb4565dfa3750254ac943059452c7f9e8f6c6ff7ca1ea19ac8e51bd10b1b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:d29dcb4565dfa3750254ac943059452c7f9e8f6c6ff7ca1ea19ac8e51bd10b1b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:6c0e00705e55f098a6927b93af39bc9e645eb989b58957eab6b0c6560c3f9952_arm64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:6c0e00705e55f098a6927b93af39bc9e645eb989b58957eab6b0c6560c3f9952_arm64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:6c0e00705e55f098a6927b93af39bc9e645eb989b58957eab6b0c6560c3f9952_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:6c0e00705e55f098a6927b93af39bc9e645eb989b58957eab6b0c6560c3f9952?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:fcd40768542ab495c16147d412a36759ee55a9bec58a90224f27e89ca3772178_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:fcd40768542ab495c16147d412a36759ee55a9bec58a90224f27e89ca3772178_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:fcd40768542ab495c16147d412a36759ee55a9bec58a90224f27e89ca3772178_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:fcd40768542ab495c16147d412a36759ee55a9bec58a90224f27e89ca3772178?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:ea441e824727aaaf3603d111bb8041a6062832ba99f341eba6af46f206e14f21_arm64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:ea441e824727aaaf3603d111bb8041a6062832ba99f341eba6af46f206e14f21_arm64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:ea441e824727aaaf3603d111bb8041a6062832ba99f341eba6af46f206e14f21_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:ea441e824727aaaf3603d111bb8041a6062832ba99f341eba6af46f206e14f21?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:86877c978adc1f22d87199fd23ea6f5fa05412badad3b3d3cbc74ba63a9a8721_arm64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:86877c978adc1f22d87199fd23ea6f5fa05412badad3b3d3cbc74ba63a9a8721_arm64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:86877c978adc1f22d87199fd23ea6f5fa05412badad3b3d3cbc74ba63a9a8721_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:86877c978adc1f22d87199fd23ea6f5fa05412badad3b3d3cbc74ba63a9a8721?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:e6375ddb6b79f665f7c76a785d1e66dbc77d6cf72799d8f64cc71a1881c699b2_arm64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:e6375ddb6b79f665f7c76a785d1e66dbc77d6cf72799d8f64cc71a1881c699b2_arm64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:e6375ddb6b79f665f7c76a785d1e66dbc77d6cf72799d8f64cc71a1881c699b2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:e6375ddb6b79f665f7c76a785d1e66dbc77d6cf72799d8f64cc71a1881c699b2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:8704816375bd42dc5d9dc442694e511cb7307fce42090c5a335a320951f65f92_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:8704816375bd42dc5d9dc442694e511cb7307fce42090c5a335a320951f65f92_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:8704816375bd42dc5d9dc442694e511cb7307fce42090c5a335a320951f65f92_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:8704816375bd42dc5d9dc442694e511cb7307fce42090c5a335a320951f65f92?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.9.2-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:f0054516df984bda47e005a2aaa5e7256c3039429aa5aa37c1a4b0f6f7942519_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:f0054516df984bda47e005a2aaa5e7256c3039429aa5aa37c1a4b0f6f7942519_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:f0054516df984bda47e005a2aaa5e7256c3039429aa5aa37c1a4b0f6f7942519_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:f0054516df984bda47e005a2aaa5e7256c3039429aa5aa37c1a4b0f6f7942519?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:7048e08a52ebcbf6ee3e2c70c6b12b92a044899e976a98ccf398931c01a48333_amd64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:7048e08a52ebcbf6ee3e2c70c6b12b92a044899e976a98ccf398931c01a48333_amd64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:7048e08a52ebcbf6ee3e2c70c6b12b92a044899e976a98ccf398931c01a48333_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:7048e08a52ebcbf6ee3e2c70c6b12b92a044899e976a98ccf398931c01a48333?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:7a0128152d1f40c8a9b908ca40518cbee671755b0749eb602bfaec51223ac4d3_amd64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:7a0128152d1f40c8a9b908ca40518cbee671755b0749eb602bfaec51223ac4d3_amd64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:7a0128152d1f40c8a9b908ca40518cbee671755b0749eb602bfaec51223ac4d3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:7a0128152d1f40c8a9b908ca40518cbee671755b0749eb602bfaec51223ac4d3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:97b6649067c47e120f8b38bec0c34904d941d408d12fda8350a09650fbb229a2_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:97b6649067c47e120f8b38bec0c34904d941d408d12fda8350a09650fbb229a2_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:97b6649067c47e120f8b38bec0c34904d941d408d12fda8350a09650fbb229a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:97b6649067c47e120f8b38bec0c34904d941d408d12fda8350a09650fbb229a2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:c413aa3194057340397bf9800d8460f5907f744e992cd2c77a5749e1afd76b79_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:c413aa3194057340397bf9800d8460f5907f744e992cd2c77a5749e1afd76b79_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:c413aa3194057340397bf9800d8460f5907f744e992cd2c77a5749e1afd76b79_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:c413aa3194057340397bf9800d8460f5907f744e992cd2c77a5749e1afd76b79?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:3bf8384e62a5540ea4bcd8d86170647ea6c5a84f090d56ca38037a41d5494c6c_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:3bf8384e62a5540ea4bcd8d86170647ea6c5a84f090d56ca38037a41d5494c6c_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:3bf8384e62a5540ea4bcd8d86170647ea6c5a84f090d56ca38037a41d5494c6c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:3bf8384e62a5540ea4bcd8d86170647ea6c5a84f090d56ca38037a41d5494c6c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:f55e668c4fd9beb02af82d79e107aa39d4e849a3ecdf20eedaa8bb81bea8062b_amd64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:f55e668c4fd9beb02af82d79e107aa39d4e849a3ecdf20eedaa8bb81bea8062b_amd64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:f55e668c4fd9beb02af82d79e107aa39d4e849a3ecdf20eedaa8bb81bea8062b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:f55e668c4fd9beb02af82d79e107aa39d4e849a3ecdf20eedaa8bb81bea8062b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:2201eec03ba3e0b01a5e2352d9a158c8d4e10063b699c1239c7a9eedc717dfa8_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:2201eec03ba3e0b01a5e2352d9a158c8d4e10063b699c1239c7a9eedc717dfa8_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:2201eec03ba3e0b01a5e2352d9a158c8d4e10063b699c1239c7a9eedc717dfa8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:2201eec03ba3e0b01a5e2352d9a158c8d4e10063b699c1239c7a9eedc717dfa8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:e1ac5234661969b0d0ec93b1d029a9b9d3e7f6f9d89ecf0334db98f1a2b251f2_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:e1ac5234661969b0d0ec93b1d029a9b9d3e7f6f9d89ecf0334db98f1a2b251f2_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:e1ac5234661969b0d0ec93b1d029a9b9d3e7f6f9d89ecf0334db98f1a2b251f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:e1ac5234661969b0d0ec93b1d029a9b9d3e7f6f9d89ecf0334db98f1a2b251f2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.9.2-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:29921e02d3d3620ac789825260158e85b501faebfec67276308e4440f2c40ccc_s390x",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:29921e02d3d3620ac789825260158e85b501faebfec67276308e4440f2c40ccc_s390x",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:29921e02d3d3620ac789825260158e85b501faebfec67276308e4440f2c40ccc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:29921e02d3d3620ac789825260158e85b501faebfec67276308e4440f2c40ccc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:747f8e0c69886810a16418f88d4b6796f50566ac02680b4f3d9136c03b38b41f_s390x",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:747f8e0c69886810a16418f88d4b6796f50566ac02680b4f3d9136c03b38b41f_s390x",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:747f8e0c69886810a16418f88d4b6796f50566ac02680b4f3d9136c03b38b41f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:747f8e0c69886810a16418f88d4b6796f50566ac02680b4f3d9136c03b38b41f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:9ca8dacee46cb72f5ae2936ee737875c35f3feb4e405a4fac4513038867496ae_s390x",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:9ca8dacee46cb72f5ae2936ee737875c35f3feb4e405a4fac4513038867496ae_s390x",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:9ca8dacee46cb72f5ae2936ee737875c35f3feb4e405a4fac4513038867496ae_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:9ca8dacee46cb72f5ae2936ee737875c35f3feb4e405a4fac4513038867496ae?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:b57adda5e21a2a4a7bd301d27a301c5f8faf9bbfefcaf33a4b25be7508f243f8_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:b57adda5e21a2a4a7bd301d27a301c5f8faf9bbfefcaf33a4b25be7508f243f8_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:b57adda5e21a2a4a7bd301d27a301c5f8faf9bbfefcaf33a4b25be7508f243f8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:b57adda5e21a2a4a7bd301d27a301c5f8faf9bbfefcaf33a4b25be7508f243f8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:5c9950c9bf0fa1ca260d57eac882ad6123d45b305aafe5bc6d8bef15f2ef2eb9_s390x",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:5c9950c9bf0fa1ca260d57eac882ad6123d45b305aafe5bc6d8bef15f2ef2eb9_s390x",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:5c9950c9bf0fa1ca260d57eac882ad6123d45b305aafe5bc6d8bef15f2ef2eb9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:5c9950c9bf0fa1ca260d57eac882ad6123d45b305aafe5bc6d8bef15f2ef2eb9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:7fcc5fb4733d4d733b47fc24dd92f902ce9f54ee5bbc42ce6e2376b9a8eb7e81_s390x",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:7fcc5fb4733d4d733b47fc24dd92f902ce9f54ee5bbc42ce6e2376b9a8eb7e81_s390x",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:7fcc5fb4733d4d733b47fc24dd92f902ce9f54ee5bbc42ce6e2376b9a8eb7e81_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:7fcc5fb4733d4d733b47fc24dd92f902ce9f54ee5bbc42ce6e2376b9a8eb7e81?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:67b6c9b9ae88c126653b774276ae66ced91ff84cb7809c3b2af57b00f5ae32e4_s390x",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:67b6c9b9ae88c126653b774276ae66ced91ff84cb7809c3b2af57b00f5ae32e4_s390x",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:67b6c9b9ae88c126653b774276ae66ced91ff84cb7809c3b2af57b00f5ae32e4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:67b6c9b9ae88c126653b774276ae66ced91ff84cb7809c3b2af57b00f5ae32e4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:5c4fbf250c9af004dbc57b71a208635798f7c95e0a099d7560c0efd95d007c0e_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:5c4fbf250c9af004dbc57b71a208635798f7c95e0a099d7560c0efd95d007c0e_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:5c4fbf250c9af004dbc57b71a208635798f7c95e0a099d7560c0efd95d007c0e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:5c4fbf250c9af004dbc57b71a208635798f7c95e0a099d7560c0efd95d007c0e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.9.2-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:2730303d0766822aebbec417ffbfb71abf072026a42a2c358c28227c7c7fa3ba_ppc64le",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:2730303d0766822aebbec417ffbfb71abf072026a42a2c358c28227c7c7fa3ba_ppc64le",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:2730303d0766822aebbec417ffbfb71abf072026a42a2c358c28227c7c7fa3ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:2730303d0766822aebbec417ffbfb71abf072026a42a2c358c28227c7c7fa3ba?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:5c2dda1779ea4cb1d038dfc66d8479dfe950ac431fb4b34491b49aaa9e932727_ppc64le",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:5c2dda1779ea4cb1d038dfc66d8479dfe950ac431fb4b34491b49aaa9e932727_ppc64le",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:5c2dda1779ea4cb1d038dfc66d8479dfe950ac431fb4b34491b49aaa9e932727_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:5c2dda1779ea4cb1d038dfc66d8479dfe950ac431fb4b34491b49aaa9e932727?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:599bb3b2d0cce5913aae5415805a721f2ab4f3597b7cda64e1c7ace211f72dac_ppc64le",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:599bb3b2d0cce5913aae5415805a721f2ab4f3597b7cda64e1c7ace211f72dac_ppc64le",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:599bb3b2d0cce5913aae5415805a721f2ab4f3597b7cda64e1c7ace211f72dac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:599bb3b2d0cce5913aae5415805a721f2ab4f3597b7cda64e1c7ace211f72dac?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:71106ba3b6d72314a7a0d49a2c74dd4fdb30f126f995f6d1254d28a868a16149_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:71106ba3b6d72314a7a0d49a2c74dd4fdb30f126f995f6d1254d28a868a16149_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:71106ba3b6d72314a7a0d49a2c74dd4fdb30f126f995f6d1254d28a868a16149_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:71106ba3b6d72314a7a0d49a2c74dd4fdb30f126f995f6d1254d28a868a16149?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:c86a4edc82ab73512e10304f8d4bf9339992e8ce253afdb8fffe476cb192ca3a_ppc64le",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:c86a4edc82ab73512e10304f8d4bf9339992e8ce253afdb8fffe476cb192ca3a_ppc64le",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:c86a4edc82ab73512e10304f8d4bf9339992e8ce253afdb8fffe476cb192ca3a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:c86a4edc82ab73512e10304f8d4bf9339992e8ce253afdb8fffe476cb192ca3a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:0b24e4ddc8a54dcfcf72312cc63b372307eece7bf06031f2d03b5dcbe208f16b_ppc64le",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:0b24e4ddc8a54dcfcf72312cc63b372307eece7bf06031f2d03b5dcbe208f16b_ppc64le",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:0b24e4ddc8a54dcfcf72312cc63b372307eece7bf06031f2d03b5dcbe208f16b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:0b24e4ddc8a54dcfcf72312cc63b372307eece7bf06031f2d03b5dcbe208f16b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:7c63f56044f12403ac6aab8e7813409415e62858258bd2164982a391afd45deb_ppc64le",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:7c63f56044f12403ac6aab8e7813409415e62858258bd2164982a391afd45deb_ppc64le",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:7c63f56044f12403ac6aab8e7813409415e62858258bd2164982a391afd45deb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:7c63f56044f12403ac6aab8e7813409415e62858258bd2164982a391afd45deb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.9.2-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ef894220b2c60a8077e434cd2561dbab365814139c71317c0be6585a30856da8_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ef894220b2c60a8077e434cd2561dbab365814139c71317c0be6585a30856da8_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:ef894220b2c60a8077e434cd2561dbab365814139c71317c0be6585a30856da8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:ef894220b2c60a8077e434cd2561dbab365814139c71317c0be6585a30856da8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.9.2-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:5c2dda1779ea4cb1d038dfc66d8479dfe950ac431fb4b34491b49aaa9e932727_ppc64le as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:5c2dda1779ea4cb1d038dfc66d8479dfe950ac431fb4b34491b49aaa9e932727_ppc64le"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:5c2dda1779ea4cb1d038dfc66d8479dfe950ac431fb4b34491b49aaa9e932727_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:7048e08a52ebcbf6ee3e2c70c6b12b92a044899e976a98ccf398931c01a48333_amd64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:7048e08a52ebcbf6ee3e2c70c6b12b92a044899e976a98ccf398931c01a48333_amd64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:7048e08a52ebcbf6ee3e2c70c6b12b92a044899e976a98ccf398931c01a48333_amd64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:747f8e0c69886810a16418f88d4b6796f50566ac02680b4f3d9136c03b38b41f_s390x as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:747f8e0c69886810a16418f88d4b6796f50566ac02680b4f3d9136c03b38b41f_s390x"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:747f8e0c69886810a16418f88d4b6796f50566ac02680b4f3d9136c03b38b41f_s390x",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:d29dcb4565dfa3750254ac943059452c7f9e8f6c6ff7ca1ea19ac8e51bd10b1b_arm64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:d29dcb4565dfa3750254ac943059452c7f9e8f6c6ff7ca1ea19ac8e51bd10b1b_arm64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:d29dcb4565dfa3750254ac943059452c7f9e8f6c6ff7ca1ea19ac8e51bd10b1b_arm64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:03d223c3928b2284d2ab6870652a8a34bb56e05f52388f0f90174da05f670535_arm64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:03d223c3928b2284d2ab6870652a8a34bb56e05f52388f0f90174da05f670535_arm64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:03d223c3928b2284d2ab6870652a8a34bb56e05f52388f0f90174da05f670535_arm64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:2730303d0766822aebbec417ffbfb71abf072026a42a2c358c28227c7c7fa3ba_ppc64le as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:2730303d0766822aebbec417ffbfb71abf072026a42a2c358c28227c7c7fa3ba_ppc64le"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:2730303d0766822aebbec417ffbfb71abf072026a42a2c358c28227c7c7fa3ba_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:29921e02d3d3620ac789825260158e85b501faebfec67276308e4440f2c40ccc_s390x as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:29921e02d3d3620ac789825260158e85b501faebfec67276308e4440f2c40ccc_s390x"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:29921e02d3d3620ac789825260158e85b501faebfec67276308e4440f2c40ccc_s390x",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:f0054516df984bda47e005a2aaa5e7256c3039429aa5aa37c1a4b0f6f7942519_amd64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:f0054516df984bda47e005a2aaa5e7256c3039429aa5aa37c1a4b0f6f7942519_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:f0054516df984bda47e005a2aaa5e7256c3039429aa5aa37c1a4b0f6f7942519_amd64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:599bb3b2d0cce5913aae5415805a721f2ab4f3597b7cda64e1c7ace211f72dac_ppc64le as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:599bb3b2d0cce5913aae5415805a721f2ab4f3597b7cda64e1c7ace211f72dac_ppc64le"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:599bb3b2d0cce5913aae5415805a721f2ab4f3597b7cda64e1c7ace211f72dac_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:6c0e00705e55f098a6927b93af39bc9e645eb989b58957eab6b0c6560c3f9952_arm64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6c0e00705e55f098a6927b93af39bc9e645eb989b58957eab6b0c6560c3f9952_arm64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:6c0e00705e55f098a6927b93af39bc9e645eb989b58957eab6b0c6560c3f9952_arm64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:7a0128152d1f40c8a9b908ca40518cbee671755b0749eb602bfaec51223ac4d3_amd64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:7a0128152d1f40c8a9b908ca40518cbee671755b0749eb602bfaec51223ac4d3_amd64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:7a0128152d1f40c8a9b908ca40518cbee671755b0749eb602bfaec51223ac4d3_amd64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:9ca8dacee46cb72f5ae2936ee737875c35f3feb4e405a4fac4513038867496ae_s390x as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:9ca8dacee46cb72f5ae2936ee737875c35f3feb4e405a4fac4513038867496ae_s390x"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:9ca8dacee46cb72f5ae2936ee737875c35f3feb4e405a4fac4513038867496ae_s390x",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:5c9950c9bf0fa1ca260d57eac882ad6123d45b305aafe5bc6d8bef15f2ef2eb9_s390x as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:5c9950c9bf0fa1ca260d57eac882ad6123d45b305aafe5bc6d8bef15f2ef2eb9_s390x"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:5c9950c9bf0fa1ca260d57eac882ad6123d45b305aafe5bc6d8bef15f2ef2eb9_s390x",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:c413aa3194057340397bf9800d8460f5907f744e992cd2c77a5749e1afd76b79_amd64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c413aa3194057340397bf9800d8460f5907f744e992cd2c77a5749e1afd76b79_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:c413aa3194057340397bf9800d8460f5907f744e992cd2c77a5749e1afd76b79_amd64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:c86a4edc82ab73512e10304f8d4bf9339992e8ce253afdb8fffe476cb192ca3a_ppc64le as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c86a4edc82ab73512e10304f8d4bf9339992e8ce253afdb8fffe476cb192ca3a_ppc64le"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:c86a4edc82ab73512e10304f8d4bf9339992e8ce253afdb8fffe476cb192ca3a_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:ea441e824727aaaf3603d111bb8041a6062832ba99f341eba6af46f206e14f21_arm64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:ea441e824727aaaf3603d111bb8041a6062832ba99f341eba6af46f206e14f21_arm64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:ea441e824727aaaf3603d111bb8041a6062832ba99f341eba6af46f206e14f21_arm64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:2201eec03ba3e0b01a5e2352d9a158c8d4e10063b699c1239c7a9eedc717dfa8_amd64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:2201eec03ba3e0b01a5e2352d9a158c8d4e10063b699c1239c7a9eedc717dfa8_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:2201eec03ba3e0b01a5e2352d9a158c8d4e10063b699c1239c7a9eedc717dfa8_amd64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:5c4fbf250c9af004dbc57b71a208635798f7c95e0a099d7560c0efd95d007c0e_s390x as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:5c4fbf250c9af004dbc57b71a208635798f7c95e0a099d7560c0efd95d007c0e_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:5c4fbf250c9af004dbc57b71a208635798f7c95e0a099d7560c0efd95d007c0e_s390x",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:8704816375bd42dc5d9dc442694e511cb7307fce42090c5a335a320951f65f92_arm64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:8704816375bd42dc5d9dc442694e511cb7307fce42090c5a335a320951f65f92_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:8704816375bd42dc5d9dc442694e511cb7307fce42090c5a335a320951f65f92_arm64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:e1ac5234661969b0d0ec93b1d029a9b9d3e7f6f9d89ecf0334db98f1a2b251f2_amd64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:e1ac5234661969b0d0ec93b1d029a9b9d3e7f6f9d89ecf0334db98f1a2b251f2_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:e1ac5234661969b0d0ec93b1d029a9b9d3e7f6f9d89ecf0334db98f1a2b251f2_amd64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ef894220b2c60a8077e434cd2561dbab365814139c71317c0be6585a30856da8_ppc64le as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:ef894220b2c60a8077e434cd2561dbab365814139c71317c0be6585a30856da8_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:ef894220b2c60a8077e434cd2561dbab365814139c71317c0be6585a30856da8_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:71106ba3b6d72314a7a0d49a2c74dd4fdb30f126f995f6d1254d28a868a16149_ppc64le as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:71106ba3b6d72314a7a0d49a2c74dd4fdb30f126f995f6d1254d28a868a16149_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:71106ba3b6d72314a7a0d49a2c74dd4fdb30f126f995f6d1254d28a868a16149_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:97b6649067c47e120f8b38bec0c34904d941d408d12fda8350a09650fbb229a2_amd64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:97b6649067c47e120f8b38bec0c34904d941d408d12fda8350a09650fbb229a2_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:97b6649067c47e120f8b38bec0c34904d941d408d12fda8350a09650fbb229a2_amd64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:b57adda5e21a2a4a7bd301d27a301c5f8faf9bbfefcaf33a4b25be7508f243f8_s390x as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:b57adda5e21a2a4a7bd301d27a301c5f8faf9bbfefcaf33a4b25be7508f243f8_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:b57adda5e21a2a4a7bd301d27a301c5f8faf9bbfefcaf33a4b25be7508f243f8_s390x",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:fcd40768542ab495c16147d412a36759ee55a9bec58a90224f27e89ca3772178_arm64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:fcd40768542ab495c16147d412a36759ee55a9bec58a90224f27e89ca3772178_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:fcd40768542ab495c16147d412a36759ee55a9bec58a90224f27e89ca3772178_arm64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:0b24e4ddc8a54dcfcf72312cc63b372307eece7bf06031f2d03b5dcbe208f16b_ppc64le as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:0b24e4ddc8a54dcfcf72312cc63b372307eece7bf06031f2d03b5dcbe208f16b_ppc64le"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:0b24e4ddc8a54dcfcf72312cc63b372307eece7bf06031f2d03b5dcbe208f16b_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:3bf8384e62a5540ea4bcd8d86170647ea6c5a84f090d56ca38037a41d5494c6c_amd64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:3bf8384e62a5540ea4bcd8d86170647ea6c5a84f090d56ca38037a41d5494c6c_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:3bf8384e62a5540ea4bcd8d86170647ea6c5a84f090d56ca38037a41d5494c6c_amd64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:7fcc5fb4733d4d733b47fc24dd92f902ce9f54ee5bbc42ce6e2376b9a8eb7e81_s390x as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7fcc5fb4733d4d733b47fc24dd92f902ce9f54ee5bbc42ce6e2376b9a8eb7e81_s390x"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:7fcc5fb4733d4d733b47fc24dd92f902ce9f54ee5bbc42ce6e2376b9a8eb7e81_s390x",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:86877c978adc1f22d87199fd23ea6f5fa05412badad3b3d3cbc74ba63a9a8721_arm64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:86877c978adc1f22d87199fd23ea6f5fa05412badad3b3d3cbc74ba63a9a8721_arm64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:86877c978adc1f22d87199fd23ea6f5fa05412badad3b3d3cbc74ba63a9a8721_arm64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:67b6c9b9ae88c126653b774276ae66ced91ff84cb7809c3b2af57b00f5ae32e4_s390x as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:67b6c9b9ae88c126653b774276ae66ced91ff84cb7809c3b2af57b00f5ae32e4_s390x"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:67b6c9b9ae88c126653b774276ae66ced91ff84cb7809c3b2af57b00f5ae32e4_s390x",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:7c63f56044f12403ac6aab8e7813409415e62858258bd2164982a391afd45deb_ppc64le as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7c63f56044f12403ac6aab8e7813409415e62858258bd2164982a391afd45deb_ppc64le"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:7c63f56044f12403ac6aab8e7813409415e62858258bd2164982a391afd45deb_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:e6375ddb6b79f665f7c76a785d1e66dbc77d6cf72799d8f64cc71a1881c699b2_arm64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:e6375ddb6b79f665f7c76a785d1e66dbc77d6cf72799d8f64cc71a1881c699b2_arm64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:e6375ddb6b79f665f7c76a785d1e66dbc77d6cf72799d8f64cc71a1881c699b2_arm64",
"relates_to_product_reference": "8Base-GitOps-1.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:f55e668c4fd9beb02af82d79e107aa39d4e849a3ecdf20eedaa8bb81bea8062b_amd64 as a component of Red Hat OpenShift GitOps 1.9",
"product_id": "8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:f55e668c4fd9beb02af82d79e107aa39d4e849a3ecdf20eedaa8bb81bea8062b_amd64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:f55e668c4fd9beb02af82d79e107aa39d4e849a3ecdf20eedaa8bb81bea8062b_amd64",
"relates_to_product_reference": "8Base-GitOps-1.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-40029",
"discovery_date": "2023-08-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:5c2dda1779ea4cb1d038dfc66d8479dfe950ac431fb4b34491b49aaa9e932727_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:7048e08a52ebcbf6ee3e2c70c6b12b92a044899e976a98ccf398931c01a48333_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:747f8e0c69886810a16418f88d4b6796f50566ac02680b4f3d9136c03b38b41f_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:d29dcb4565dfa3750254ac943059452c7f9e8f6c6ff7ca1ea19ac8e51bd10b1b_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:599bb3b2d0cce5913aae5415805a721f2ab4f3597b7cda64e1c7ace211f72dac_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6c0e00705e55f098a6927b93af39bc9e645eb989b58957eab6b0c6560c3f9952_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:7a0128152d1f40c8a9b908ca40518cbee671755b0749eb602bfaec51223ac4d3_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:9ca8dacee46cb72f5ae2936ee737875c35f3feb4e405a4fac4513038867496ae_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:5c9950c9bf0fa1ca260d57eac882ad6123d45b305aafe5bc6d8bef15f2ef2eb9_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c413aa3194057340397bf9800d8460f5907f744e992cd2c77a5749e1afd76b79_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c86a4edc82ab73512e10304f8d4bf9339992e8ce253afdb8fffe476cb192ca3a_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:ea441e824727aaaf3603d111bb8041a6062832ba99f341eba6af46f206e14f21_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:2201eec03ba3e0b01a5e2352d9a158c8d4e10063b699c1239c7a9eedc717dfa8_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:5c4fbf250c9af004dbc57b71a208635798f7c95e0a099d7560c0efd95d007c0e_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:8704816375bd42dc5d9dc442694e511cb7307fce42090c5a335a320951f65f92_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:e1ac5234661969b0d0ec93b1d029a9b9d3e7f6f9d89ecf0334db98f1a2b251f2_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:ef894220b2c60a8077e434cd2561dbab365814139c71317c0be6585a30856da8_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:71106ba3b6d72314a7a0d49a2c74dd4fdb30f126f995f6d1254d28a868a16149_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:97b6649067c47e120f8b38bec0c34904d941d408d12fda8350a09650fbb229a2_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:b57adda5e21a2a4a7bd301d27a301c5f8faf9bbfefcaf33a4b25be7508f243f8_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:fcd40768542ab495c16147d412a36759ee55a9bec58a90224f27e89ca3772178_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:0b24e4ddc8a54dcfcf72312cc63b372307eece7bf06031f2d03b5dcbe208f16b_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:3bf8384e62a5540ea4bcd8d86170647ea6c5a84f090d56ca38037a41d5494c6c_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7fcc5fb4733d4d733b47fc24dd92f902ce9f54ee5bbc42ce6e2376b9a8eb7e81_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:86877c978adc1f22d87199fd23ea6f5fa05412badad3b3d3cbc74ba63a9a8721_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:67b6c9b9ae88c126653b774276ae66ced91ff84cb7809c3b2af57b00f5ae32e4_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7c63f56044f12403ac6aab8e7813409415e62858258bd2164982a391afd45deb_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:e6375ddb6b79f665f7c76a785d1e66dbc77d6cf72799d8f64cc71a1881c699b2_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:f55e668c4fd9beb02af82d79e107aa39d4e849a3ecdf20eedaa8bb81bea8062b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2233203"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the ArgoCD package, used by Red Hat GitOps, that allows cluster secrets to be managed declaratively using the `kubectl apply` functionality, resulting in the full secret body being stored in `kubectl.kubernetes.io/last-applied-configuration` annotation. Since ArgoCD has included the ability to manage cluster labels and annotations via its API, an attacker can retrieve sensitive authentication information by leveraging this capability, imposing a high impact on data confidentiality and integrity for the targeted ArgoCD cluster. To perform a successful attack, the malicious actor should have `clusters, get` RBAC access granted to its user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ArgoCD: secrets can be leak through kubectl.kubernetes.io/last-applied-configuration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:03d223c3928b2284d2ab6870652a8a34bb56e05f52388f0f90174da05f670535_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:2730303d0766822aebbec417ffbfb71abf072026a42a2c358c28227c7c7fa3ba_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:29921e02d3d3620ac789825260158e85b501faebfec67276308e4440f2c40ccc_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:f0054516df984bda47e005a2aaa5e7256c3039429aa5aa37c1a4b0f6f7942519_amd64"
],
"known_not_affected": [
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:5c2dda1779ea4cb1d038dfc66d8479dfe950ac431fb4b34491b49aaa9e932727_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:7048e08a52ebcbf6ee3e2c70c6b12b92a044899e976a98ccf398931c01a48333_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:747f8e0c69886810a16418f88d4b6796f50566ac02680b4f3d9136c03b38b41f_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:d29dcb4565dfa3750254ac943059452c7f9e8f6c6ff7ca1ea19ac8e51bd10b1b_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:599bb3b2d0cce5913aae5415805a721f2ab4f3597b7cda64e1c7ace211f72dac_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6c0e00705e55f098a6927b93af39bc9e645eb989b58957eab6b0c6560c3f9952_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:7a0128152d1f40c8a9b908ca40518cbee671755b0749eb602bfaec51223ac4d3_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:9ca8dacee46cb72f5ae2936ee737875c35f3feb4e405a4fac4513038867496ae_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:5c9950c9bf0fa1ca260d57eac882ad6123d45b305aafe5bc6d8bef15f2ef2eb9_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c413aa3194057340397bf9800d8460f5907f744e992cd2c77a5749e1afd76b79_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c86a4edc82ab73512e10304f8d4bf9339992e8ce253afdb8fffe476cb192ca3a_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:ea441e824727aaaf3603d111bb8041a6062832ba99f341eba6af46f206e14f21_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:2201eec03ba3e0b01a5e2352d9a158c8d4e10063b699c1239c7a9eedc717dfa8_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:5c4fbf250c9af004dbc57b71a208635798f7c95e0a099d7560c0efd95d007c0e_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:8704816375bd42dc5d9dc442694e511cb7307fce42090c5a335a320951f65f92_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:e1ac5234661969b0d0ec93b1d029a9b9d3e7f6f9d89ecf0334db98f1a2b251f2_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:ef894220b2c60a8077e434cd2561dbab365814139c71317c0be6585a30856da8_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:71106ba3b6d72314a7a0d49a2c74dd4fdb30f126f995f6d1254d28a868a16149_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:97b6649067c47e120f8b38bec0c34904d941d408d12fda8350a09650fbb229a2_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:b57adda5e21a2a4a7bd301d27a301c5f8faf9bbfefcaf33a4b25be7508f243f8_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:fcd40768542ab495c16147d412a36759ee55a9bec58a90224f27e89ca3772178_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:0b24e4ddc8a54dcfcf72312cc63b372307eece7bf06031f2d03b5dcbe208f16b_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:3bf8384e62a5540ea4bcd8d86170647ea6c5a84f090d56ca38037a41d5494c6c_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7fcc5fb4733d4d733b47fc24dd92f902ce9f54ee5bbc42ce6e2376b9a8eb7e81_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:86877c978adc1f22d87199fd23ea6f5fa05412badad3b3d3cbc74ba63a9a8721_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:67b6c9b9ae88c126653b774276ae66ced91ff84cb7809c3b2af57b00f5ae32e4_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7c63f56044f12403ac6aab8e7813409415e62858258bd2164982a391afd45deb_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:e6375ddb6b79f665f7c76a785d1e66dbc77d6cf72799d8f64cc71a1881c699b2_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:f55e668c4fd9beb02af82d79e107aa39d4e849a3ecdf20eedaa8bb81bea8062b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40029"
},
{
"category": "external",
"summary": "RHBZ#2233203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2233203"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40029",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40029"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-fwr2-64vr-xv9m",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-fwr2-64vr-xv9m"
}
],
"release_date": "2023-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-08T13:00:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:03d223c3928b2284d2ab6870652a8a34bb56e05f52388f0f90174da05f670535_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:2730303d0766822aebbec417ffbfb71abf072026a42a2c358c28227c7c7fa3ba_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:29921e02d3d3620ac789825260158e85b501faebfec67276308e4440f2c40ccc_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:f0054516df984bda47e005a2aaa5e7256c3039429aa5aa37c1a4b0f6f7942519_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5029"
},
{
"category": "workaround",
"details": "Update/deploy the cluster secret with the`server-side-apply` flag, which does not use or rely on the `kubectl.kubernetes.io/last-applied-configuration` \u003chttp://kubectl.kubernetes.io/last-applied-configuration\u003e annotation.\n\nNote: Annotation for existing secrets will require manual removal.",
"product_ids": [
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:5c2dda1779ea4cb1d038dfc66d8479dfe950ac431fb4b34491b49aaa9e932727_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:7048e08a52ebcbf6ee3e2c70c6b12b92a044899e976a98ccf398931c01a48333_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:747f8e0c69886810a16418f88d4b6796f50566ac02680b4f3d9136c03b38b41f_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:d29dcb4565dfa3750254ac943059452c7f9e8f6c6ff7ca1ea19ac8e51bd10b1b_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:03d223c3928b2284d2ab6870652a8a34bb56e05f52388f0f90174da05f670535_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:2730303d0766822aebbec417ffbfb71abf072026a42a2c358c28227c7c7fa3ba_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:29921e02d3d3620ac789825260158e85b501faebfec67276308e4440f2c40ccc_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:f0054516df984bda47e005a2aaa5e7256c3039429aa5aa37c1a4b0f6f7942519_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:599bb3b2d0cce5913aae5415805a721f2ab4f3597b7cda64e1c7ace211f72dac_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6c0e00705e55f098a6927b93af39bc9e645eb989b58957eab6b0c6560c3f9952_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:7a0128152d1f40c8a9b908ca40518cbee671755b0749eb602bfaec51223ac4d3_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:9ca8dacee46cb72f5ae2936ee737875c35f3feb4e405a4fac4513038867496ae_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:5c9950c9bf0fa1ca260d57eac882ad6123d45b305aafe5bc6d8bef15f2ef2eb9_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c413aa3194057340397bf9800d8460f5907f744e992cd2c77a5749e1afd76b79_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c86a4edc82ab73512e10304f8d4bf9339992e8ce253afdb8fffe476cb192ca3a_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:ea441e824727aaaf3603d111bb8041a6062832ba99f341eba6af46f206e14f21_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:2201eec03ba3e0b01a5e2352d9a158c8d4e10063b699c1239c7a9eedc717dfa8_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:5c4fbf250c9af004dbc57b71a208635798f7c95e0a099d7560c0efd95d007c0e_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:8704816375bd42dc5d9dc442694e511cb7307fce42090c5a335a320951f65f92_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:e1ac5234661969b0d0ec93b1d029a9b9d3e7f6f9d89ecf0334db98f1a2b251f2_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:ef894220b2c60a8077e434cd2561dbab365814139c71317c0be6585a30856da8_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:71106ba3b6d72314a7a0d49a2c74dd4fdb30f126f995f6d1254d28a868a16149_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:97b6649067c47e120f8b38bec0c34904d941d408d12fda8350a09650fbb229a2_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:b57adda5e21a2a4a7bd301d27a301c5f8faf9bbfefcaf33a4b25be7508f243f8_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:fcd40768542ab495c16147d412a36759ee55a9bec58a90224f27e89ca3772178_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:0b24e4ddc8a54dcfcf72312cc63b372307eece7bf06031f2d03b5dcbe208f16b_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:3bf8384e62a5540ea4bcd8d86170647ea6c5a84f090d56ca38037a41d5494c6c_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7fcc5fb4733d4d733b47fc24dd92f902ce9f54ee5bbc42ce6e2376b9a8eb7e81_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:86877c978adc1f22d87199fd23ea6f5fa05412badad3b3d3cbc74ba63a9a8721_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:67b6c9b9ae88c126653b774276ae66ced91ff84cb7809c3b2af57b00f5ae32e4_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7c63f56044f12403ac6aab8e7813409415e62858258bd2164982a391afd45deb_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:e6375ddb6b79f665f7c76a785d1e66dbc77d6cf72799d8f64cc71a1881c699b2_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:f55e668c4fd9beb02af82d79e107aa39d4e849a3ecdf20eedaa8bb81bea8062b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:03d223c3928b2284d2ab6870652a8a34bb56e05f52388f0f90174da05f670535_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:2730303d0766822aebbec417ffbfb71abf072026a42a2c358c28227c7c7fa3ba_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:29921e02d3d3620ac789825260158e85b501faebfec67276308e4440f2c40ccc_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:f0054516df984bda47e005a2aaa5e7256c3039429aa5aa37c1a4b0f6f7942519_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "ArgoCD: secrets can be leak through kubectl.kubernetes.io/last-applied-configuration"
},
{
"cve": "CVE-2023-40584",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-08-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:5c2dda1779ea4cb1d038dfc66d8479dfe950ac431fb4b34491b49aaa9e932727_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:7048e08a52ebcbf6ee3e2c70c6b12b92a044899e976a98ccf398931c01a48333_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:747f8e0c69886810a16418f88d4b6796f50566ac02680b4f3d9136c03b38b41f_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:d29dcb4565dfa3750254ac943059452c7f9e8f6c6ff7ca1ea19ac8e51bd10b1b_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:599bb3b2d0cce5913aae5415805a721f2ab4f3597b7cda64e1c7ace211f72dac_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6c0e00705e55f098a6927b93af39bc9e645eb989b58957eab6b0c6560c3f9952_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:7a0128152d1f40c8a9b908ca40518cbee671755b0749eb602bfaec51223ac4d3_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:9ca8dacee46cb72f5ae2936ee737875c35f3feb4e405a4fac4513038867496ae_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:5c9950c9bf0fa1ca260d57eac882ad6123d45b305aafe5bc6d8bef15f2ef2eb9_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c413aa3194057340397bf9800d8460f5907f744e992cd2c77a5749e1afd76b79_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c86a4edc82ab73512e10304f8d4bf9339992e8ce253afdb8fffe476cb192ca3a_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:ea441e824727aaaf3603d111bb8041a6062832ba99f341eba6af46f206e14f21_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:2201eec03ba3e0b01a5e2352d9a158c8d4e10063b699c1239c7a9eedc717dfa8_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:5c4fbf250c9af004dbc57b71a208635798f7c95e0a099d7560c0efd95d007c0e_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:8704816375bd42dc5d9dc442694e511cb7307fce42090c5a335a320951f65f92_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:e1ac5234661969b0d0ec93b1d029a9b9d3e7f6f9d89ecf0334db98f1a2b251f2_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:ef894220b2c60a8077e434cd2561dbab365814139c71317c0be6585a30856da8_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:71106ba3b6d72314a7a0d49a2c74dd4fdb30f126f995f6d1254d28a868a16149_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:97b6649067c47e120f8b38bec0c34904d941d408d12fda8350a09650fbb229a2_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:b57adda5e21a2a4a7bd301d27a301c5f8faf9bbfefcaf33a4b25be7508f243f8_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:fcd40768542ab495c16147d412a36759ee55a9bec58a90224f27e89ca3772178_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:0b24e4ddc8a54dcfcf72312cc63b372307eece7bf06031f2d03b5dcbe208f16b_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:3bf8384e62a5540ea4bcd8d86170647ea6c5a84f090d56ca38037a41d5494c6c_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7fcc5fb4733d4d733b47fc24dd92f902ce9f54ee5bbc42ce6e2376b9a8eb7e81_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:86877c978adc1f22d87199fd23ea6f5fa05412badad3b3d3cbc74ba63a9a8721_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:67b6c9b9ae88c126653b774276ae66ced91ff84cb7809c3b2af57b00f5ae32e4_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7c63f56044f12403ac6aab8e7813409415e62858258bd2164982a391afd45deb_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:e6375ddb6b79f665f7c76a785d1e66dbc77d6cf72799d8f64cc71a1881c699b2_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:f55e668c4fd9beb02af82d79e107aa39d4e849a3ecdf20eedaa8bb81bea8062b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2236530"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ArgoCD, where it failed to properly validate the user-controlled tar.gz file uploaded to the repo-server component. As a result, a maliciously crafted tar.gz file sent by a low-privileged user may result in resource starvation and further denial of service of the ArgoCD server. Additionally, the lack of permissions checking for the inner files in the tar.gz file may lead to an attacker creating files that cannot be further deleted from the server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ArgoCD: Denial of Service to Argo CD repo-server",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:03d223c3928b2284d2ab6870652a8a34bb56e05f52388f0f90174da05f670535_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:2730303d0766822aebbec417ffbfb71abf072026a42a2c358c28227c7c7fa3ba_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:29921e02d3d3620ac789825260158e85b501faebfec67276308e4440f2c40ccc_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:f0054516df984bda47e005a2aaa5e7256c3039429aa5aa37c1a4b0f6f7942519_amd64"
],
"known_not_affected": [
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:5c2dda1779ea4cb1d038dfc66d8479dfe950ac431fb4b34491b49aaa9e932727_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:7048e08a52ebcbf6ee3e2c70c6b12b92a044899e976a98ccf398931c01a48333_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:747f8e0c69886810a16418f88d4b6796f50566ac02680b4f3d9136c03b38b41f_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/argo-rollouts-rhel8@sha256:d29dcb4565dfa3750254ac943059452c7f9e8f6c6ff7ca1ea19ac8e51bd10b1b_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:599bb3b2d0cce5913aae5415805a721f2ab4f3597b7cda64e1c7ace211f72dac_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:6c0e00705e55f098a6927b93af39bc9e645eb989b58957eab6b0c6560c3f9952_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:7a0128152d1f40c8a9b908ca40518cbee671755b0749eb602bfaec51223ac4d3_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/console-plugin-rhel8@sha256:9ca8dacee46cb72f5ae2936ee737875c35f3feb4e405a4fac4513038867496ae_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:5c9950c9bf0fa1ca260d57eac882ad6123d45b305aafe5bc6d8bef15f2ef2eb9_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c413aa3194057340397bf9800d8460f5907f744e992cd2c77a5749e1afd76b79_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:c86a4edc82ab73512e10304f8d4bf9339992e8ce253afdb8fffe476cb192ca3a_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/dex-rhel8@sha256:ea441e824727aaaf3603d111bb8041a6062832ba99f341eba6af46f206e14f21_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-operator-bundle@sha256:2201eec03ba3e0b01a5e2352d9a158c8d4e10063b699c1239c7a9eedc717dfa8_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:5c4fbf250c9af004dbc57b71a208635798f7c95e0a099d7560c0efd95d007c0e_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:8704816375bd42dc5d9dc442694e511cb7307fce42090c5a335a320951f65f92_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:e1ac5234661969b0d0ec93b1d029a9b9d3e7f6f9d89ecf0334db98f1a2b251f2_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8-operator@sha256:ef894220b2c60a8077e434cd2561dbab365814139c71317c0be6585a30856da8_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:71106ba3b6d72314a7a0d49a2c74dd4fdb30f126f995f6d1254d28a868a16149_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:97b6649067c47e120f8b38bec0c34904d941d408d12fda8350a09650fbb229a2_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:b57adda5e21a2a4a7bd301d27a301c5f8faf9bbfefcaf33a4b25be7508f243f8_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/gitops-rhel8@sha256:fcd40768542ab495c16147d412a36759ee55a9bec58a90224f27e89ca3772178_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:0b24e4ddc8a54dcfcf72312cc63b372307eece7bf06031f2d03b5dcbe208f16b_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:3bf8384e62a5540ea4bcd8d86170647ea6c5a84f090d56ca38037a41d5494c6c_amd64",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:7fcc5fb4733d4d733b47fc24dd92f902ce9f54ee5bbc42ce6e2376b9a8eb7e81_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/kam-delivery-rhel8@sha256:86877c978adc1f22d87199fd23ea6f5fa05412badad3b3d3cbc74ba63a9a8721_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:67b6c9b9ae88c126653b774276ae66ced91ff84cb7809c3b2af57b00f5ae32e4_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:7c63f56044f12403ac6aab8e7813409415e62858258bd2164982a391afd45deb_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:e6375ddb6b79f665f7c76a785d1e66dbc77d6cf72799d8f64cc71a1881c699b2_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/must-gather-rhel8@sha256:f55e668c4fd9beb02af82d79e107aa39d4e849a3ecdf20eedaa8bb81bea8062b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40584"
},
{
"category": "external",
"summary": "RHBZ#2236530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236530"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40584"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40584",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40584"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-g687-f2gx-6wm8",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-g687-f2gx-6wm8"
}
],
"release_date": "2023-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-08T13:00:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:03d223c3928b2284d2ab6870652a8a34bb56e05f52388f0f90174da05f670535_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:2730303d0766822aebbec417ffbfb71abf072026a42a2c358c28227c7c7fa3ba_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:29921e02d3d3620ac789825260158e85b501faebfec67276308e4440f2c40ccc_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:f0054516df984bda47e005a2aaa5e7256c3039429aa5aa37c1a4b0f6f7942519_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:5029"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:03d223c3928b2284d2ab6870652a8a34bb56e05f52388f0f90174da05f670535_arm64",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:2730303d0766822aebbec417ffbfb71abf072026a42a2c358c28227c7c7fa3ba_ppc64le",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:29921e02d3d3620ac789825260158e85b501faebfec67276308e4440f2c40ccc_s390x",
"8Base-GitOps-1.9:openshift-gitops-1/argocd-rhel8@sha256:f0054516df984bda47e005a2aaa5e7256c3039429aa5aa37c1a4b0f6f7942519_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ArgoCD: Denial of Service to Argo CD repo-server"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.