RHSA-2024:4973
Vulnerability from csaf_redhat - Published: 2024-08-01 11:04 - Updated: 2026-03-18 16:23Summary
Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.5 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat OpenShift GitOps v1.12.5. Red Hat
Product Security has rated this update as having a security impact of Important.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Errata Advisory for Red Hat OpenShift GitOps v1.12.5.
Security Fix(es):
* openshift-gitops-argocd-container: Unauthenticated Denial of Service
Vulnerability via /api/webhook Endpoint in Argo CD [gitops-1.12](CVE-2024-40634)
* openshift-gitops-container: Argo CD web terminal session doesn't expire [gitops-1.12](CVE-2023-40025)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Argo CD. Affected versions of Argo CD have a bug where open web terminal sessions do not expire. This bug allows users to send WebSocket messages even if the token has expired. The most straightforward scenario occurs when a user opens the terminal view and leaves it open for an extended period. This flaw allows users to view sensitive information even after logging out.
7.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:4973
A vulnerability was found in Argo CD. This flaw allows an unauthenticated attacker to send a specially crafted large JSON payload to the /api/webhook endpoint, causing excessive memory allocation leading to service disruption by triggering an out-of-memory (OOM) kill. The issue poses a high risk to the availability of Argo CD deployments.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:4973
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift GitOps v1.12.5. Red Hat\nProduct Security has rated this update as having a security impact of Important.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Errata Advisory for Red Hat OpenShift GitOps v1.12.5.\n\nSecurity Fix(es):\n\n* openshift-gitops-argocd-container: Unauthenticated Denial of Service\nVulnerability via /api/webhook Endpoint in Argo CD [gitops-1.12](CVE-2024-40634)\n* openshift-gitops-container: Argo CD web terminal session doesn\u0027t expire [gitops-1.12](CVE-2023-40025)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:4973",
"url": "https://access.redhat.com/errata/RHSA-2024:4973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4973.json"
}
],
"title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.12.5 security update",
"tracking": {
"current_release_date": "2026-03-18T16:23:51+00:00",
"generator": {
"date": "2026-03-18T16:23:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2024:4973",
"initial_release_date": "2024-08-01T11:04:17+00:00",
"revision_history": [
{
"date": "2024-08-01T11:04:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-08-01T11:04:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T16:23:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.12",
"product": {
"name": "Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.12",
"product": {
"name": "Red Hat OpenShift GitOps 1.12",
"product_id": "9Base-GitOps-1.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.12::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:50d0f3f3f9fa326e666bd3d10925cf8b833db3d6d2dd74ddb892df038538505d_s390x",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:50d0f3f3f9fa326e666bd3d10925cf8b833db3d6d2dd74ddb892df038538505d_s390x",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:50d0f3f3f9fa326e666bd3d10925cf8b833db3d6d2dd74ddb892df038538505d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:50d0f3f3f9fa326e666bd3d10925cf8b833db3d6d2dd74ddb892df038538505d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:5a9383d8434b4e435d87fa2cecef424f99474bd9a0cb4ea7f7ec503e5dcf0678_s390x",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:5a9383d8434b4e435d87fa2cecef424f99474bd9a0cb4ea7f7ec503e5dcf0678_s390x",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:5a9383d8434b4e435d87fa2cecef424f99474bd9a0cb4ea7f7ec503e5dcf0678_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:5a9383d8434b4e435d87fa2cecef424f99474bd9a0cb4ea7f7ec503e5dcf0678?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:c26725f56d3fe072550431d490cd4faefc7bed9dc624d5f6c240044e736accc5_s390x",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:c26725f56d3fe072550431d490cd4faefc7bed9dc624d5f6c240044e736accc5_s390x",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:c26725f56d3fe072550431d490cd4faefc7bed9dc624d5f6c240044e736accc5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:c26725f56d3fe072550431d490cd4faefc7bed9dc624d5f6c240044e736accc5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:a0684ea750c0aef0ee43e8802a41464d2d6a59a33e698e871b544e7052a6ebc8_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:a0684ea750c0aef0ee43e8802a41464d2d6a59a33e698e871b544e7052a6ebc8_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:a0684ea750c0aef0ee43e8802a41464d2d6a59a33e698e871b544e7052a6ebc8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:a0684ea750c0aef0ee43e8802a41464d2d6a59a33e698e871b544e7052a6ebc8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:af0b83accf4344127f61b381dd4f520cda86ade8ee983f1c1ebf11a439f021a7_s390x",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:af0b83accf4344127f61b381dd4f520cda86ade8ee983f1c1ebf11a439f021a7_s390x",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:af0b83accf4344127f61b381dd4f520cda86ade8ee983f1c1ebf11a439f021a7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:af0b83accf4344127f61b381dd4f520cda86ade8ee983f1c1ebf11a439f021a7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:178d6bd716c9054f92c9f3889b9f005ca5fd9934b39834e7e13bb34600b24b6b_s390x",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:178d6bd716c9054f92c9f3889b9f005ca5fd9934b39834e7e13bb34600b24b6b_s390x",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:178d6bd716c9054f92c9f3889b9f005ca5fd9934b39834e7e13bb34600b24b6b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:178d6bd716c9054f92c9f3889b9f005ca5fd9934b39834e7e13bb34600b24b6b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:888cc5b63ecee0f30e1ae45faf5ccb2d17c73c902a918b9c2e5abe85f8579f46_s390x",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:888cc5b63ecee0f30e1ae45faf5ccb2d17c73c902a918b9c2e5abe85f8579f46_s390x",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:888cc5b63ecee0f30e1ae45faf5ccb2d17c73c902a918b9c2e5abe85f8579f46_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:888cc5b63ecee0f30e1ae45faf5ccb2d17c73c902a918b9c2e5abe85f8579f46?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:f979017b7f16d95047c74a087eac689f339cb0a6ad8fa740c138151162a83e29_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:f979017b7f16d95047c74a087eac689f339cb0a6ad8fa740c138151162a83e29_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:f979017b7f16d95047c74a087eac689f339cb0a6ad8fa740c138151162a83e29_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:f979017b7f16d95047c74a087eac689f339cb0a6ad8fa740c138151162a83e29?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.12.5-5"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:3bd5a449c9f9d8f36dcb190c5cf245c7700993a81cf44a65ef3bc3e23bbf1661_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:3bd5a449c9f9d8f36dcb190c5cf245c7700993a81cf44a65ef3bc3e23bbf1661_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:3bd5a449c9f9d8f36dcb190c5cf245c7700993a81cf44a65ef3bc3e23bbf1661_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:3bd5a449c9f9d8f36dcb190c5cf245c7700993a81cf44a65ef3bc3e23bbf1661?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel9@sha256:c5cbc537b3079fc08d118434ac23e262d9e679adf4143d2be05009831bfa3e6f_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:c5cbc537b3079fc08d118434ac23e262d9e679adf4143d2be05009831bfa3e6f_amd64",
"product_id": "openshift-gitops-1/argocd-rhel9@sha256:c5cbc537b3079fc08d118434ac23e262d9e679adf4143d2be05009831bfa3e6f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256:c5cbc537b3079fc08d118434ac23e262d9e679adf4143d2be05009831bfa3e6f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel9\u0026tag=v1.12.5-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:18b430d162405a964f846242be0c3b7014be4c33689a3a8743b44238c9d7fb75_amd64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:18b430d162405a964f846242be0c3b7014be4c33689a3a8743b44238c9d7fb75_amd64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:18b430d162405a964f846242be0c3b7014be4c33689a3a8743b44238c9d7fb75_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:18b430d162405a964f846242be0c3b7014be4c33689a3a8743b44238c9d7fb75?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:e3979829c8f831fac5a8f7e22e620b8d79cb223dc973a4d9d1fe3b6245bf6ab4_amd64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:e3979829c8f831fac5a8f7e22e620b8d79cb223dc973a4d9d1fe3b6245bf6ab4_amd64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:e3979829c8f831fac5a8f7e22e620b8d79cb223dc973a4d9d1fe3b6245bf6ab4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:e3979829c8f831fac5a8f7e22e620b8d79cb223dc973a4d9d1fe3b6245bf6ab4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:5f9ae6792724ac2e40928d65981d33d54cb29e0d03a4c76eb18deabdf76601bc_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:5f9ae6792724ac2e40928d65981d33d54cb29e0d03a4c76eb18deabdf76601bc_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:5f9ae6792724ac2e40928d65981d33d54cb29e0d03a4c76eb18deabdf76601bc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:5f9ae6792724ac2e40928d65981d33d54cb29e0d03a4c76eb18deabdf76601bc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:dbcaa78bc38f4f413eb826f39473c775ec47e64dd17a8779f2c74bf1e65631b5_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:dbcaa78bc38f4f413eb826f39473c775ec47e64dd17a8779f2c74bf1e65631b5_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:dbcaa78bc38f4f413eb826f39473c775ec47e64dd17a8779f2c74bf1e65631b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:dbcaa78bc38f4f413eb826f39473c775ec47e64dd17a8779f2c74bf1e65631b5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:9f4d4a389a54f9c58527e7b5177b11b2f2829ef59a56fae3a4f70192a4823b32_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:9f4d4a389a54f9c58527e7b5177b11b2f2829ef59a56fae3a4f70192a4823b32_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:9f4d4a389a54f9c58527e7b5177b11b2f2829ef59a56fae3a4f70192a4823b32_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:9f4d4a389a54f9c58527e7b5177b11b2f2829ef59a56fae3a4f70192a4823b32?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:02ebf2575bd5991d75d02355967659c71e52f1e7e86bf92e05e614280712552a_amd64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:02ebf2575bd5991d75d02355967659c71e52f1e7e86bf92e05e614280712552a_amd64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:02ebf2575bd5991d75d02355967659c71e52f1e7e86bf92e05e614280712552a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:02ebf2575bd5991d75d02355967659c71e52f1e7e86bf92e05e614280712552a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:47798cd9f0498560eab4efede77f144b937b07ddb77e3831b654f51d1a5b04b6_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:47798cd9f0498560eab4efede77f144b937b07ddb77e3831b654f51d1a5b04b6_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:47798cd9f0498560eab4efede77f144b937b07ddb77e3831b654f51d1a5b04b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:47798cd9f0498560eab4efede77f144b937b07ddb77e3831b654f51d1a5b04b6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:9164b66f491acb3f5ad79a44b1a0d342644bc3c860e98fd2034aa7676b897024_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:9164b66f491acb3f5ad79a44b1a0d342644bc3c860e98fd2034aa7676b897024_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:9164b66f491acb3f5ad79a44b1a0d342644bc3c860e98fd2034aa7676b897024_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:9164b66f491acb3f5ad79a44b1a0d342644bc3c860e98fd2034aa7676b897024?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.12.5-5"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:e4859aef6c26fbadaa45f4e37813977208f490f6f1c047621591ad6be30577b3_arm64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:e4859aef6c26fbadaa45f4e37813977208f490f6f1c047621591ad6be30577b3_arm64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:e4859aef6c26fbadaa45f4e37813977208f490f6f1c047621591ad6be30577b3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:e4859aef6c26fbadaa45f4e37813977208f490f6f1c047621591ad6be30577b3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel9@sha256:233b230e32fb38dfddc32ef3046568d80816031c9a6fcff8393448ba452d4f50_arm64",
"product": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:233b230e32fb38dfddc32ef3046568d80816031c9a6fcff8393448ba452d4f50_arm64",
"product_id": "openshift-gitops-1/argocd-rhel9@sha256:233b230e32fb38dfddc32ef3046568d80816031c9a6fcff8393448ba452d4f50_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256:233b230e32fb38dfddc32ef3046568d80816031c9a6fcff8393448ba452d4f50?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel9\u0026tag=v1.12.5-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bdfbf535f858e2c2e1abb74c2d513bf5f970d105f7d7b9678adb4702934056db_arm64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bdfbf535f858e2c2e1abb74c2d513bf5f970d105f7d7b9678adb4702934056db_arm64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bdfbf535f858e2c2e1abb74c2d513bf5f970d105f7d7b9678adb4702934056db_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:bdfbf535f858e2c2e1abb74c2d513bf5f970d105f7d7b9678adb4702934056db?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:5fe4ade2ee712defbdd1e0b64af88b62ed7c9bd95ee896e1a9de5ac528320e19_arm64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:5fe4ade2ee712defbdd1e0b64af88b62ed7c9bd95ee896e1a9de5ac528320e19_arm64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:5fe4ade2ee712defbdd1e0b64af88b62ed7c9bd95ee896e1a9de5ac528320e19_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:5fe4ade2ee712defbdd1e0b64af88b62ed7c9bd95ee896e1a9de5ac528320e19?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:eb2ad7951c4e0125fb803d681f42f6e8a4d0ce03e1be9567f3aeb9d131c3ed5b_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:eb2ad7951c4e0125fb803d681f42f6e8a4d0ce03e1be9567f3aeb9d131c3ed5b_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:eb2ad7951c4e0125fb803d681f42f6e8a4d0ce03e1be9567f3aeb9d131c3ed5b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:eb2ad7951c4e0125fb803d681f42f6e8a4d0ce03e1be9567f3aeb9d131c3ed5b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:d002617194b11ad14c836a5367ca0198be802c40d8e86b54f188f80fbdf70ff1_arm64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:d002617194b11ad14c836a5367ca0198be802c40d8e86b54f188f80fbdf70ff1_arm64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:d002617194b11ad14c836a5367ca0198be802c40d8e86b54f188f80fbdf70ff1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:d002617194b11ad14c836a5367ca0198be802c40d8e86b54f188f80fbdf70ff1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:1e17fb78bcf6d4799b02e514527010cf267502d982c2f6e7ce92309e9d0cf550_arm64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:1e17fb78bcf6d4799b02e514527010cf267502d982c2f6e7ce92309e9d0cf550_arm64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:1e17fb78bcf6d4799b02e514527010cf267502d982c2f6e7ce92309e9d0cf550_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:1e17fb78bcf6d4799b02e514527010cf267502d982c2f6e7ce92309e9d0cf550?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:423090fd4a5d3f096c61c0445c005da53095dff0154b9ad680c3749b7ef6e4dd_arm64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:423090fd4a5d3f096c61c0445c005da53095dff0154b9ad680c3749b7ef6e4dd_arm64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:423090fd4a5d3f096c61c0445c005da53095dff0154b9ad680c3749b7ef6e4dd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:423090fd4a5d3f096c61c0445c005da53095dff0154b9ad680c3749b7ef6e4dd?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:81bc146c5dfbacde091a03ed12d04b61bc33258d44203798e332efb0ee5c27f9_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:81bc146c5dfbacde091a03ed12d04b61bc33258d44203798e332efb0ee5c27f9_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:81bc146c5dfbacde091a03ed12d04b61bc33258d44203798e332efb0ee5c27f9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:81bc146c5dfbacde091a03ed12d04b61bc33258d44203798e332efb0ee5c27f9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.12.5-5"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:b2596687f550a204e1c0994583406f857faa1917a1e41561d6b154071c3ed63e_ppc64le",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:b2596687f550a204e1c0994583406f857faa1917a1e41561d6b154071c3ed63e_ppc64le",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:b2596687f550a204e1c0994583406f857faa1917a1e41561d6b154071c3ed63e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:b2596687f550a204e1c0994583406f857faa1917a1e41561d6b154071c3ed63e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:cb95a31e6445ba30f6189fd8ff2ef6f75b37d7d5835ca168b0a4ea6f03678b1f_ppc64le",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:cb95a31e6445ba30f6189fd8ff2ef6f75b37d7d5835ca168b0a4ea6f03678b1f_ppc64le",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:cb95a31e6445ba30f6189fd8ff2ef6f75b37d7d5835ca168b0a4ea6f03678b1f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:cb95a31e6445ba30f6189fd8ff2ef6f75b37d7d5835ca168b0a4ea6f03678b1f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:ba1ed27f053c5cbb54febfa8b03a038250c557586c501e09abe6906592cdcd19_ppc64le",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:ba1ed27f053c5cbb54febfa8b03a038250c557586c501e09abe6906592cdcd19_ppc64le",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:ba1ed27f053c5cbb54febfa8b03a038250c557586c501e09abe6906592cdcd19_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:ba1ed27f053c5cbb54febfa8b03a038250c557586c501e09abe6906592cdcd19?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:75cbc8b5e4b25ded63ad9dfec0e1acaca8f0779c85c8e28b489ba2292d176c2b_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:75cbc8b5e4b25ded63ad9dfec0e1acaca8f0779c85c8e28b489ba2292d176c2b_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:75cbc8b5e4b25ded63ad9dfec0e1acaca8f0779c85c8e28b489ba2292d176c2b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:75cbc8b5e4b25ded63ad9dfec0e1acaca8f0779c85c8e28b489ba2292d176c2b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:67837763574902fd1c6ac1bff6bd7efe6e1fab7049389ae69bc21f50d810397c_ppc64le",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:67837763574902fd1c6ac1bff6bd7efe6e1fab7049389ae69bc21f50d810397c_ppc64le",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:67837763574902fd1c6ac1bff6bd7efe6e1fab7049389ae69bc21f50d810397c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:67837763574902fd1c6ac1bff6bd7efe6e1fab7049389ae69bc21f50d810397c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:fd3214d586fd54846577a57285378b87cade3575911d6040701aee903a53800a_ppc64le",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:fd3214d586fd54846577a57285378b87cade3575911d6040701aee903a53800a_ppc64le",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:fd3214d586fd54846577a57285378b87cade3575911d6040701aee903a53800a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:fd3214d586fd54846577a57285378b87cade3575911d6040701aee903a53800a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:103da26a12b0f6408da3a16b93a4051ae3c2bd68c5c23398ab09d6a3bc33cb3b_ppc64le",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:103da26a12b0f6408da3a16b93a4051ae3c2bd68c5c23398ab09d6a3bc33cb3b_ppc64le",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:103da26a12b0f6408da3a16b93a4051ae3c2bd68c5c23398ab09d6a3bc33cb3b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:103da26a12b0f6408da3a16b93a4051ae3c2bd68c5c23398ab09d6a3bc33cb3b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.12.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:edfa5765e92902d63473e1921d4814a007db7bf7242a11b929b1550954ea1dde_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:edfa5765e92902d63473e1921d4814a007db7bf7242a11b929b1550954ea1dde_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:edfa5765e92902d63473e1921d4814a007db7bf7242a11b929b1550954ea1dde_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:edfa5765e92902d63473e1921d4814a007db7bf7242a11b929b1550954ea1dde?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.12.5-5"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:18b430d162405a964f846242be0c3b7014be4c33689a3a8743b44238c9d7fb75_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:18b430d162405a964f846242be0c3b7014be4c33689a3a8743b44238c9d7fb75_amd64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:18b430d162405a964f846242be0c3b7014be4c33689a3a8743b44238c9d7fb75_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:5a9383d8434b4e435d87fa2cecef424f99474bd9a0cb4ea7f7ec503e5dcf0678_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:5a9383d8434b4e435d87fa2cecef424f99474bd9a0cb4ea7f7ec503e5dcf0678_s390x"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:5a9383d8434b4e435d87fa2cecef424f99474bd9a0cb4ea7f7ec503e5dcf0678_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bdfbf535f858e2c2e1abb74c2d513bf5f970d105f7d7b9678adb4702934056db_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:bdfbf535f858e2c2e1abb74c2d513bf5f970d105f7d7b9678adb4702934056db_arm64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bdfbf535f858e2c2e1abb74c2d513bf5f970d105f7d7b9678adb4702934056db_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:cb95a31e6445ba30f6189fd8ff2ef6f75b37d7d5835ca168b0a4ea6f03678b1f_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:cb95a31e6445ba30f6189fd8ff2ef6f75b37d7d5835ca168b0a4ea6f03678b1f_ppc64le"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:cb95a31e6445ba30f6189fd8ff2ef6f75b37d7d5835ca168b0a4ea6f03678b1f_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:3bd5a449c9f9d8f36dcb190c5cf245c7700993a81cf44a65ef3bc3e23bbf1661_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3bd5a449c9f9d8f36dcb190c5cf245c7700993a81cf44a65ef3bc3e23bbf1661_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:3bd5a449c9f9d8f36dcb190c5cf245c7700993a81cf44a65ef3bc3e23bbf1661_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:50d0f3f3f9fa326e666bd3d10925cf8b833db3d6d2dd74ddb892df038538505d_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:50d0f3f3f9fa326e666bd3d10925cf8b833db3d6d2dd74ddb892df038538505d_s390x"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:50d0f3f3f9fa326e666bd3d10925cf8b833db3d6d2dd74ddb892df038538505d_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:b2596687f550a204e1c0994583406f857faa1917a1e41561d6b154071c3ed63e_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:b2596687f550a204e1c0994583406f857faa1917a1e41561d6b154071c3ed63e_ppc64le"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:b2596687f550a204e1c0994583406f857faa1917a1e41561d6b154071c3ed63e_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:e4859aef6c26fbadaa45f4e37813977208f490f6f1c047621591ad6be30577b3_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:e4859aef6c26fbadaa45f4e37813977208f490f6f1c047621591ad6be30577b3_arm64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:e4859aef6c26fbadaa45f4e37813977208f490f6f1c047621591ad6be30577b3_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:5fe4ade2ee712defbdd1e0b64af88b62ed7c9bd95ee896e1a9de5ac528320e19_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:5fe4ade2ee712defbdd1e0b64af88b62ed7c9bd95ee896e1a9de5ac528320e19_arm64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:5fe4ade2ee712defbdd1e0b64af88b62ed7c9bd95ee896e1a9de5ac528320e19_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:ba1ed27f053c5cbb54febfa8b03a038250c557586c501e09abe6906592cdcd19_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:ba1ed27f053c5cbb54febfa8b03a038250c557586c501e09abe6906592cdcd19_ppc64le"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:ba1ed27f053c5cbb54febfa8b03a038250c557586c501e09abe6906592cdcd19_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:c26725f56d3fe072550431d490cd4faefc7bed9dc624d5f6c240044e736accc5_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:c26725f56d3fe072550431d490cd4faefc7bed9dc624d5f6c240044e736accc5_s390x"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:c26725f56d3fe072550431d490cd4faefc7bed9dc624d5f6c240044e736accc5_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:e3979829c8f831fac5a8f7e22e620b8d79cb223dc973a4d9d1fe3b6245bf6ab4_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:e3979829c8f831fac5a8f7e22e620b8d79cb223dc973a4d9d1fe3b6245bf6ab4_amd64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:e3979829c8f831fac5a8f7e22e620b8d79cb223dc973a4d9d1fe3b6245bf6ab4_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:67837763574902fd1c6ac1bff6bd7efe6e1fab7049389ae69bc21f50d810397c_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:67837763574902fd1c6ac1bff6bd7efe6e1fab7049389ae69bc21f50d810397c_ppc64le"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:67837763574902fd1c6ac1bff6bd7efe6e1fab7049389ae69bc21f50d810397c_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:af0b83accf4344127f61b381dd4f520cda86ade8ee983f1c1ebf11a439f021a7_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:af0b83accf4344127f61b381dd4f520cda86ade8ee983f1c1ebf11a439f021a7_s390x"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:af0b83accf4344127f61b381dd4f520cda86ade8ee983f1c1ebf11a439f021a7_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:d002617194b11ad14c836a5367ca0198be802c40d8e86b54f188f80fbdf70ff1_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:d002617194b11ad14c836a5367ca0198be802c40d8e86b54f188f80fbdf70ff1_arm64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:d002617194b11ad14c836a5367ca0198be802c40d8e86b54f188f80fbdf70ff1_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:dbcaa78bc38f4f413eb826f39473c775ec47e64dd17a8779f2c74bf1e65631b5_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:dbcaa78bc38f4f413eb826f39473c775ec47e64dd17a8779f2c74bf1e65631b5_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:dbcaa78bc38f4f413eb826f39473c775ec47e64dd17a8779f2c74bf1e65631b5_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:47798cd9f0498560eab4efede77f144b937b07ddb77e3831b654f51d1a5b04b6_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:47798cd9f0498560eab4efede77f144b937b07ddb77e3831b654f51d1a5b04b6_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:47798cd9f0498560eab4efede77f144b937b07ddb77e3831b654f51d1a5b04b6_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:81bc146c5dfbacde091a03ed12d04b61bc33258d44203798e332efb0ee5c27f9_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:81bc146c5dfbacde091a03ed12d04b61bc33258d44203798e332efb0ee5c27f9_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:81bc146c5dfbacde091a03ed12d04b61bc33258d44203798e332efb0ee5c27f9_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:9164b66f491acb3f5ad79a44b1a0d342644bc3c860e98fd2034aa7676b897024_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:9164b66f491acb3f5ad79a44b1a0d342644bc3c860e98fd2034aa7676b897024_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:9164b66f491acb3f5ad79a44b1a0d342644bc3c860e98fd2034aa7676b897024_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:edfa5765e92902d63473e1921d4814a007db7bf7242a11b929b1550954ea1dde_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:edfa5765e92902d63473e1921d4814a007db7bf7242a11b929b1550954ea1dde_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:edfa5765e92902d63473e1921d4814a007db7bf7242a11b929b1550954ea1dde_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:f979017b7f16d95047c74a087eac689f339cb0a6ad8fa740c138151162a83e29_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:f979017b7f16d95047c74a087eac689f339cb0a6ad8fa740c138151162a83e29_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:f979017b7f16d95047c74a087eac689f339cb0a6ad8fa740c138151162a83e29_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:5f9ae6792724ac2e40928d65981d33d54cb29e0d03a4c76eb18deabdf76601bc_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:5f9ae6792724ac2e40928d65981d33d54cb29e0d03a4c76eb18deabdf76601bc_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:5f9ae6792724ac2e40928d65981d33d54cb29e0d03a4c76eb18deabdf76601bc_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:75cbc8b5e4b25ded63ad9dfec0e1acaca8f0779c85c8e28b489ba2292d176c2b_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:75cbc8b5e4b25ded63ad9dfec0e1acaca8f0779c85c8e28b489ba2292d176c2b_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:75cbc8b5e4b25ded63ad9dfec0e1acaca8f0779c85c8e28b489ba2292d176c2b_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:a0684ea750c0aef0ee43e8802a41464d2d6a59a33e698e871b544e7052a6ebc8_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:a0684ea750c0aef0ee43e8802a41464d2d6a59a33e698e871b544e7052a6ebc8_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:a0684ea750c0aef0ee43e8802a41464d2d6a59a33e698e871b544e7052a6ebc8_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:eb2ad7951c4e0125fb803d681f42f6e8a4d0ce03e1be9567f3aeb9d131c3ed5b_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:eb2ad7951c4e0125fb803d681f42f6e8a4d0ce03e1be9567f3aeb9d131c3ed5b_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:eb2ad7951c4e0125fb803d681f42f6e8a4d0ce03e1be9567f3aeb9d131c3ed5b_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:178d6bd716c9054f92c9f3889b9f005ca5fd9934b39834e7e13bb34600b24b6b_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:178d6bd716c9054f92c9f3889b9f005ca5fd9934b39834e7e13bb34600b24b6b_s390x"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:178d6bd716c9054f92c9f3889b9f005ca5fd9934b39834e7e13bb34600b24b6b_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:1e17fb78bcf6d4799b02e514527010cf267502d982c2f6e7ce92309e9d0cf550_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:1e17fb78bcf6d4799b02e514527010cf267502d982c2f6e7ce92309e9d0cf550_arm64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:1e17fb78bcf6d4799b02e514527010cf267502d982c2f6e7ce92309e9d0cf550_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:9f4d4a389a54f9c58527e7b5177b11b2f2829ef59a56fae3a4f70192a4823b32_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:9f4d4a389a54f9c58527e7b5177b11b2f2829ef59a56fae3a4f70192a4823b32_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:9f4d4a389a54f9c58527e7b5177b11b2f2829ef59a56fae3a4f70192a4823b32_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:fd3214d586fd54846577a57285378b87cade3575911d6040701aee903a53800a_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:fd3214d586fd54846577a57285378b87cade3575911d6040701aee903a53800a_ppc64le"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:fd3214d586fd54846577a57285378b87cade3575911d6040701aee903a53800a_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:02ebf2575bd5991d75d02355967659c71e52f1e7e86bf92e05e614280712552a_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:02ebf2575bd5991d75d02355967659c71e52f1e7e86bf92e05e614280712552a_amd64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:02ebf2575bd5991d75d02355967659c71e52f1e7e86bf92e05e614280712552a_amd64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:103da26a12b0f6408da3a16b93a4051ae3c2bd68c5c23398ab09d6a3bc33cb3b_ppc64le as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:103da26a12b0f6408da3a16b93a4051ae3c2bd68c5c23398ab09d6a3bc33cb3b_ppc64le"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:103da26a12b0f6408da3a16b93a4051ae3c2bd68c5c23398ab09d6a3bc33cb3b_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:423090fd4a5d3f096c61c0445c005da53095dff0154b9ad680c3749b7ef6e4dd_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:423090fd4a5d3f096c61c0445c005da53095dff0154b9ad680c3749b7ef6e4dd_arm64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:423090fd4a5d3f096c61c0445c005da53095dff0154b9ad680c3749b7ef6e4dd_arm64",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:888cc5b63ecee0f30e1ae45faf5ccb2d17c73c902a918b9c2e5abe85f8579f46_s390x as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:888cc5b63ecee0f30e1ae45faf5ccb2d17c73c902a918b9c2e5abe85f8579f46_s390x"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:888cc5b63ecee0f30e1ae45faf5ccb2d17c73c902a918b9c2e5abe85f8579f46_s390x",
"relates_to_product_reference": "8Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:233b230e32fb38dfddc32ef3046568d80816031c9a6fcff8393448ba452d4f50_arm64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:233b230e32fb38dfddc32ef3046568d80816031c9a6fcff8393448ba452d4f50_arm64"
},
"product_reference": "openshift-gitops-1/argocd-rhel9@sha256:233b230e32fb38dfddc32ef3046568d80816031c9a6fcff8393448ba452d4f50_arm64",
"relates_to_product_reference": "9Base-GitOps-1.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:c5cbc537b3079fc08d118434ac23e262d9e679adf4143d2be05009831bfa3e6f_amd64 as a component of Red Hat OpenShift GitOps 1.12",
"product_id": "9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c5cbc537b3079fc08d118434ac23e262d9e679adf4143d2be05009831bfa3e6f_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel9@sha256:c5cbc537b3079fc08d118434ac23e262d9e679adf4143d2be05009831bfa3e6f_amd64",
"relates_to_product_reference": "9Base-GitOps-1.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-40025",
"cwe": {
"id": "CWE-613",
"name": "Insufficient Session Expiration"
},
"discovery_date": "2024-07-30T04:26:12+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2301445"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Argo CD. Affected versions of Argo CD have a bug where open web terminal sessions do not expire. This bug allows users to send WebSocket messages even if the token has expired. The most straightforward scenario occurs when a user opens the terminal view and leaves it open for an extended period. This flaw allows users to view sensitive information even after logging out.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "argo-cd: Argo CD web terminal session doesn\u0027t expire",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:18b430d162405a964f846242be0c3b7014be4c33689a3a8743b44238c9d7fb75_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:5a9383d8434b4e435d87fa2cecef424f99474bd9a0cb4ea7f7ec503e5dcf0678_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:bdfbf535f858e2c2e1abb74c2d513bf5f970d105f7d7b9678adb4702934056db_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:cb95a31e6445ba30f6189fd8ff2ef6f75b37d7d5835ca168b0a4ea6f03678b1f_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3bd5a449c9f9d8f36dcb190c5cf245c7700993a81cf44a65ef3bc3e23bbf1661_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:50d0f3f3f9fa326e666bd3d10925cf8b833db3d6d2dd74ddb892df038538505d_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:b2596687f550a204e1c0994583406f857faa1917a1e41561d6b154071c3ed63e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:e4859aef6c26fbadaa45f4e37813977208f490f6f1c047621591ad6be30577b3_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:5fe4ade2ee712defbdd1e0b64af88b62ed7c9bd95ee896e1a9de5ac528320e19_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:ba1ed27f053c5cbb54febfa8b03a038250c557586c501e09abe6906592cdcd19_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:c26725f56d3fe072550431d490cd4faefc7bed9dc624d5f6c240044e736accc5_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:e3979829c8f831fac5a8f7e22e620b8d79cb223dc973a4d9d1fe3b6245bf6ab4_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:67837763574902fd1c6ac1bff6bd7efe6e1fab7049389ae69bc21f50d810397c_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:af0b83accf4344127f61b381dd4f520cda86ade8ee983f1c1ebf11a439f021a7_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:d002617194b11ad14c836a5367ca0198be802c40d8e86b54f188f80fbdf70ff1_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:dbcaa78bc38f4f413eb826f39473c775ec47e64dd17a8779f2c74bf1e65631b5_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:47798cd9f0498560eab4efede77f144b937b07ddb77e3831b654f51d1a5b04b6_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:81bc146c5dfbacde091a03ed12d04b61bc33258d44203798e332efb0ee5c27f9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:9164b66f491acb3f5ad79a44b1a0d342644bc3c860e98fd2034aa7676b897024_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:edfa5765e92902d63473e1921d4814a007db7bf7242a11b929b1550954ea1dde_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:f979017b7f16d95047c74a087eac689f339cb0a6ad8fa740c138151162a83e29_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:5f9ae6792724ac2e40928d65981d33d54cb29e0d03a4c76eb18deabdf76601bc_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:75cbc8b5e4b25ded63ad9dfec0e1acaca8f0779c85c8e28b489ba2292d176c2b_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:a0684ea750c0aef0ee43e8802a41464d2d6a59a33e698e871b544e7052a6ebc8_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:eb2ad7951c4e0125fb803d681f42f6e8a4d0ce03e1be9567f3aeb9d131c3ed5b_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:178d6bd716c9054f92c9f3889b9f005ca5fd9934b39834e7e13bb34600b24b6b_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:1e17fb78bcf6d4799b02e514527010cf267502d982c2f6e7ce92309e9d0cf550_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:9f4d4a389a54f9c58527e7b5177b11b2f2829ef59a56fae3a4f70192a4823b32_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:fd3214d586fd54846577a57285378b87cade3575911d6040701aee903a53800a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:02ebf2575bd5991d75d02355967659c71e52f1e7e86bf92e05e614280712552a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:103da26a12b0f6408da3a16b93a4051ae3c2bd68c5c23398ab09d6a3bc33cb3b_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:423090fd4a5d3f096c61c0445c005da53095dff0154b9ad680c3749b7ef6e4dd_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:888cc5b63ecee0f30e1ae45faf5ccb2d17c73c902a918b9c2e5abe85f8579f46_s390x",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:233b230e32fb38dfddc32ef3046568d80816031c9a6fcff8393448ba452d4f50_arm64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c5cbc537b3079fc08d118434ac23e262d9e679adf4143d2be05009831bfa3e6f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-40025"
},
{
"category": "external",
"summary": "RHBZ#2301445",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301445"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40025"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-40025",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-40025"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-c8xw-vjgf-94hr",
"url": "https://github.com/advisories/GHSA-c8xw-vjgf-94hr"
}
],
"release_date": "2023-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-01T11:04:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:18b430d162405a964f846242be0c3b7014be4c33689a3a8743b44238c9d7fb75_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:5a9383d8434b4e435d87fa2cecef424f99474bd9a0cb4ea7f7ec503e5dcf0678_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:bdfbf535f858e2c2e1abb74c2d513bf5f970d105f7d7b9678adb4702934056db_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:cb95a31e6445ba30f6189fd8ff2ef6f75b37d7d5835ca168b0a4ea6f03678b1f_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3bd5a449c9f9d8f36dcb190c5cf245c7700993a81cf44a65ef3bc3e23bbf1661_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:50d0f3f3f9fa326e666bd3d10925cf8b833db3d6d2dd74ddb892df038538505d_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:b2596687f550a204e1c0994583406f857faa1917a1e41561d6b154071c3ed63e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:e4859aef6c26fbadaa45f4e37813977208f490f6f1c047621591ad6be30577b3_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:5fe4ade2ee712defbdd1e0b64af88b62ed7c9bd95ee896e1a9de5ac528320e19_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:ba1ed27f053c5cbb54febfa8b03a038250c557586c501e09abe6906592cdcd19_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:c26725f56d3fe072550431d490cd4faefc7bed9dc624d5f6c240044e736accc5_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:e3979829c8f831fac5a8f7e22e620b8d79cb223dc973a4d9d1fe3b6245bf6ab4_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:67837763574902fd1c6ac1bff6bd7efe6e1fab7049389ae69bc21f50d810397c_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:af0b83accf4344127f61b381dd4f520cda86ade8ee983f1c1ebf11a439f021a7_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:d002617194b11ad14c836a5367ca0198be802c40d8e86b54f188f80fbdf70ff1_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:dbcaa78bc38f4f413eb826f39473c775ec47e64dd17a8779f2c74bf1e65631b5_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:47798cd9f0498560eab4efede77f144b937b07ddb77e3831b654f51d1a5b04b6_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:81bc146c5dfbacde091a03ed12d04b61bc33258d44203798e332efb0ee5c27f9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:9164b66f491acb3f5ad79a44b1a0d342644bc3c860e98fd2034aa7676b897024_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:edfa5765e92902d63473e1921d4814a007db7bf7242a11b929b1550954ea1dde_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:f979017b7f16d95047c74a087eac689f339cb0a6ad8fa740c138151162a83e29_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:5f9ae6792724ac2e40928d65981d33d54cb29e0d03a4c76eb18deabdf76601bc_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:75cbc8b5e4b25ded63ad9dfec0e1acaca8f0779c85c8e28b489ba2292d176c2b_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:a0684ea750c0aef0ee43e8802a41464d2d6a59a33e698e871b544e7052a6ebc8_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:eb2ad7951c4e0125fb803d681f42f6e8a4d0ce03e1be9567f3aeb9d131c3ed5b_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:178d6bd716c9054f92c9f3889b9f005ca5fd9934b39834e7e13bb34600b24b6b_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:1e17fb78bcf6d4799b02e514527010cf267502d982c2f6e7ce92309e9d0cf550_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:9f4d4a389a54f9c58527e7b5177b11b2f2829ef59a56fae3a4f70192a4823b32_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:fd3214d586fd54846577a57285378b87cade3575911d6040701aee903a53800a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:02ebf2575bd5991d75d02355967659c71e52f1e7e86bf92e05e614280712552a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:103da26a12b0f6408da3a16b93a4051ae3c2bd68c5c23398ab09d6a3bc33cb3b_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:423090fd4a5d3f096c61c0445c005da53095dff0154b9ad680c3749b7ef6e4dd_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:888cc5b63ecee0f30e1ae45faf5ccb2d17c73c902a918b9c2e5abe85f8579f46_s390x",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:233b230e32fb38dfddc32ef3046568d80816031c9a6fcff8393448ba452d4f50_arm64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c5cbc537b3079fc08d118434ac23e262d9e679adf4143d2be05009831bfa3e6f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4973"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:18b430d162405a964f846242be0c3b7014be4c33689a3a8743b44238c9d7fb75_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:5a9383d8434b4e435d87fa2cecef424f99474bd9a0cb4ea7f7ec503e5dcf0678_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:bdfbf535f858e2c2e1abb74c2d513bf5f970d105f7d7b9678adb4702934056db_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:cb95a31e6445ba30f6189fd8ff2ef6f75b37d7d5835ca168b0a4ea6f03678b1f_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3bd5a449c9f9d8f36dcb190c5cf245c7700993a81cf44a65ef3bc3e23bbf1661_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:50d0f3f3f9fa326e666bd3d10925cf8b833db3d6d2dd74ddb892df038538505d_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:b2596687f550a204e1c0994583406f857faa1917a1e41561d6b154071c3ed63e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:e4859aef6c26fbadaa45f4e37813977208f490f6f1c047621591ad6be30577b3_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:5fe4ade2ee712defbdd1e0b64af88b62ed7c9bd95ee896e1a9de5ac528320e19_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:ba1ed27f053c5cbb54febfa8b03a038250c557586c501e09abe6906592cdcd19_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:c26725f56d3fe072550431d490cd4faefc7bed9dc624d5f6c240044e736accc5_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:e3979829c8f831fac5a8f7e22e620b8d79cb223dc973a4d9d1fe3b6245bf6ab4_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:67837763574902fd1c6ac1bff6bd7efe6e1fab7049389ae69bc21f50d810397c_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:af0b83accf4344127f61b381dd4f520cda86ade8ee983f1c1ebf11a439f021a7_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:d002617194b11ad14c836a5367ca0198be802c40d8e86b54f188f80fbdf70ff1_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:dbcaa78bc38f4f413eb826f39473c775ec47e64dd17a8779f2c74bf1e65631b5_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:47798cd9f0498560eab4efede77f144b937b07ddb77e3831b654f51d1a5b04b6_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:81bc146c5dfbacde091a03ed12d04b61bc33258d44203798e332efb0ee5c27f9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:9164b66f491acb3f5ad79a44b1a0d342644bc3c860e98fd2034aa7676b897024_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:edfa5765e92902d63473e1921d4814a007db7bf7242a11b929b1550954ea1dde_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:f979017b7f16d95047c74a087eac689f339cb0a6ad8fa740c138151162a83e29_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:5f9ae6792724ac2e40928d65981d33d54cb29e0d03a4c76eb18deabdf76601bc_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:75cbc8b5e4b25ded63ad9dfec0e1acaca8f0779c85c8e28b489ba2292d176c2b_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:a0684ea750c0aef0ee43e8802a41464d2d6a59a33e698e871b544e7052a6ebc8_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:eb2ad7951c4e0125fb803d681f42f6e8a4d0ce03e1be9567f3aeb9d131c3ed5b_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:178d6bd716c9054f92c9f3889b9f005ca5fd9934b39834e7e13bb34600b24b6b_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:1e17fb78bcf6d4799b02e514527010cf267502d982c2f6e7ce92309e9d0cf550_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:9f4d4a389a54f9c58527e7b5177b11b2f2829ef59a56fae3a4f70192a4823b32_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:fd3214d586fd54846577a57285378b87cade3575911d6040701aee903a53800a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:02ebf2575bd5991d75d02355967659c71e52f1e7e86bf92e05e614280712552a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:103da26a12b0f6408da3a16b93a4051ae3c2bd68c5c23398ab09d6a3bc33cb3b_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:423090fd4a5d3f096c61c0445c005da53095dff0154b9ad680c3749b7ef6e4dd_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:888cc5b63ecee0f30e1ae45faf5ccb2d17c73c902a918b9c2e5abe85f8579f46_s390x",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:233b230e32fb38dfddc32ef3046568d80816031c9a6fcff8393448ba452d4f50_arm64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c5cbc537b3079fc08d118434ac23e262d9e679adf4143d2be05009831bfa3e6f_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "argo-cd: Argo CD web terminal session doesn\u0027t expire"
},
{
"cve": "CVE-2024-40634",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-07-23T14:26:36+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2299473"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Argo CD. This flaw allows an unauthenticated attacker to send a specially crafted large JSON payload to the /api/webhook endpoint, causing excessive memory allocation leading to service disruption by triggering an out-of-memory (OOM) kill. The issue poses a high risk to the availability of Argo CD deployments.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "argocd: Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in Argo CD",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:18b430d162405a964f846242be0c3b7014be4c33689a3a8743b44238c9d7fb75_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:5a9383d8434b4e435d87fa2cecef424f99474bd9a0cb4ea7f7ec503e5dcf0678_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:bdfbf535f858e2c2e1abb74c2d513bf5f970d105f7d7b9678adb4702934056db_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:cb95a31e6445ba30f6189fd8ff2ef6f75b37d7d5835ca168b0a4ea6f03678b1f_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3bd5a449c9f9d8f36dcb190c5cf245c7700993a81cf44a65ef3bc3e23bbf1661_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:50d0f3f3f9fa326e666bd3d10925cf8b833db3d6d2dd74ddb892df038538505d_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:b2596687f550a204e1c0994583406f857faa1917a1e41561d6b154071c3ed63e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:e4859aef6c26fbadaa45f4e37813977208f490f6f1c047621591ad6be30577b3_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:5fe4ade2ee712defbdd1e0b64af88b62ed7c9bd95ee896e1a9de5ac528320e19_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:ba1ed27f053c5cbb54febfa8b03a038250c557586c501e09abe6906592cdcd19_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:c26725f56d3fe072550431d490cd4faefc7bed9dc624d5f6c240044e736accc5_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:e3979829c8f831fac5a8f7e22e620b8d79cb223dc973a4d9d1fe3b6245bf6ab4_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:67837763574902fd1c6ac1bff6bd7efe6e1fab7049389ae69bc21f50d810397c_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:af0b83accf4344127f61b381dd4f520cda86ade8ee983f1c1ebf11a439f021a7_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:d002617194b11ad14c836a5367ca0198be802c40d8e86b54f188f80fbdf70ff1_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:dbcaa78bc38f4f413eb826f39473c775ec47e64dd17a8779f2c74bf1e65631b5_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:47798cd9f0498560eab4efede77f144b937b07ddb77e3831b654f51d1a5b04b6_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:81bc146c5dfbacde091a03ed12d04b61bc33258d44203798e332efb0ee5c27f9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:9164b66f491acb3f5ad79a44b1a0d342644bc3c860e98fd2034aa7676b897024_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:edfa5765e92902d63473e1921d4814a007db7bf7242a11b929b1550954ea1dde_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:f979017b7f16d95047c74a087eac689f339cb0a6ad8fa740c138151162a83e29_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:5f9ae6792724ac2e40928d65981d33d54cb29e0d03a4c76eb18deabdf76601bc_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:75cbc8b5e4b25ded63ad9dfec0e1acaca8f0779c85c8e28b489ba2292d176c2b_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:a0684ea750c0aef0ee43e8802a41464d2d6a59a33e698e871b544e7052a6ebc8_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:eb2ad7951c4e0125fb803d681f42f6e8a4d0ce03e1be9567f3aeb9d131c3ed5b_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:178d6bd716c9054f92c9f3889b9f005ca5fd9934b39834e7e13bb34600b24b6b_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:1e17fb78bcf6d4799b02e514527010cf267502d982c2f6e7ce92309e9d0cf550_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:9f4d4a389a54f9c58527e7b5177b11b2f2829ef59a56fae3a4f70192a4823b32_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:fd3214d586fd54846577a57285378b87cade3575911d6040701aee903a53800a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:02ebf2575bd5991d75d02355967659c71e52f1e7e86bf92e05e614280712552a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:103da26a12b0f6408da3a16b93a4051ae3c2bd68c5c23398ab09d6a3bc33cb3b_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:423090fd4a5d3f096c61c0445c005da53095dff0154b9ad680c3749b7ef6e4dd_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:888cc5b63ecee0f30e1ae45faf5ccb2d17c73c902a918b9c2e5abe85f8579f46_s390x",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:233b230e32fb38dfddc32ef3046568d80816031c9a6fcff8393448ba452d4f50_arm64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c5cbc537b3079fc08d118434ac23e262d9e679adf4143d2be05009831bfa3e6f_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-40634"
},
{
"category": "external",
"summary": "RHBZ#2299473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299473"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-40634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40634"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-40634",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-40634"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-jmvp-698c-4x3w",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-jmvp-698c-4x3w"
}
],
"release_date": "2024-07-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-01T11:04:17+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:18b430d162405a964f846242be0c3b7014be4c33689a3a8743b44238c9d7fb75_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:5a9383d8434b4e435d87fa2cecef424f99474bd9a0cb4ea7f7ec503e5dcf0678_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:bdfbf535f858e2c2e1abb74c2d513bf5f970d105f7d7b9678adb4702934056db_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:cb95a31e6445ba30f6189fd8ff2ef6f75b37d7d5835ca168b0a4ea6f03678b1f_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3bd5a449c9f9d8f36dcb190c5cf245c7700993a81cf44a65ef3bc3e23bbf1661_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:50d0f3f3f9fa326e666bd3d10925cf8b833db3d6d2dd74ddb892df038538505d_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:b2596687f550a204e1c0994583406f857faa1917a1e41561d6b154071c3ed63e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:e4859aef6c26fbadaa45f4e37813977208f490f6f1c047621591ad6be30577b3_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:5fe4ade2ee712defbdd1e0b64af88b62ed7c9bd95ee896e1a9de5ac528320e19_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:ba1ed27f053c5cbb54febfa8b03a038250c557586c501e09abe6906592cdcd19_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:c26725f56d3fe072550431d490cd4faefc7bed9dc624d5f6c240044e736accc5_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:e3979829c8f831fac5a8f7e22e620b8d79cb223dc973a4d9d1fe3b6245bf6ab4_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:67837763574902fd1c6ac1bff6bd7efe6e1fab7049389ae69bc21f50d810397c_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:af0b83accf4344127f61b381dd4f520cda86ade8ee983f1c1ebf11a439f021a7_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:d002617194b11ad14c836a5367ca0198be802c40d8e86b54f188f80fbdf70ff1_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:dbcaa78bc38f4f413eb826f39473c775ec47e64dd17a8779f2c74bf1e65631b5_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:47798cd9f0498560eab4efede77f144b937b07ddb77e3831b654f51d1a5b04b6_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:81bc146c5dfbacde091a03ed12d04b61bc33258d44203798e332efb0ee5c27f9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:9164b66f491acb3f5ad79a44b1a0d342644bc3c860e98fd2034aa7676b897024_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:edfa5765e92902d63473e1921d4814a007db7bf7242a11b929b1550954ea1dde_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:f979017b7f16d95047c74a087eac689f339cb0a6ad8fa740c138151162a83e29_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:5f9ae6792724ac2e40928d65981d33d54cb29e0d03a4c76eb18deabdf76601bc_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:75cbc8b5e4b25ded63ad9dfec0e1acaca8f0779c85c8e28b489ba2292d176c2b_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:a0684ea750c0aef0ee43e8802a41464d2d6a59a33e698e871b544e7052a6ebc8_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:eb2ad7951c4e0125fb803d681f42f6e8a4d0ce03e1be9567f3aeb9d131c3ed5b_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:178d6bd716c9054f92c9f3889b9f005ca5fd9934b39834e7e13bb34600b24b6b_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:1e17fb78bcf6d4799b02e514527010cf267502d982c2f6e7ce92309e9d0cf550_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:9f4d4a389a54f9c58527e7b5177b11b2f2829ef59a56fae3a4f70192a4823b32_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:fd3214d586fd54846577a57285378b87cade3575911d6040701aee903a53800a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:02ebf2575bd5991d75d02355967659c71e52f1e7e86bf92e05e614280712552a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:103da26a12b0f6408da3a16b93a4051ae3c2bd68c5c23398ab09d6a3bc33cb3b_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:423090fd4a5d3f096c61c0445c005da53095dff0154b9ad680c3749b7ef6e4dd_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:888cc5b63ecee0f30e1ae45faf5ccb2d17c73c902a918b9c2e5abe85f8579f46_s390x",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:233b230e32fb38dfddc32ef3046568d80816031c9a6fcff8393448ba452d4f50_arm64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c5cbc537b3079fc08d118434ac23e262d9e679adf4143d2be05009831bfa3e6f_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4973"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:18b430d162405a964f846242be0c3b7014be4c33689a3a8743b44238c9d7fb75_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:5a9383d8434b4e435d87fa2cecef424f99474bd9a0cb4ea7f7ec503e5dcf0678_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:bdfbf535f858e2c2e1abb74c2d513bf5f970d105f7d7b9678adb4702934056db_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/argo-rollouts-rhel8@sha256:cb95a31e6445ba30f6189fd8ff2ef6f75b37d7d5835ca168b0a4ea6f03678b1f_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:3bd5a449c9f9d8f36dcb190c5cf245c7700993a81cf44a65ef3bc3e23bbf1661_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:50d0f3f3f9fa326e666bd3d10925cf8b833db3d6d2dd74ddb892df038538505d_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:b2596687f550a204e1c0994583406f857faa1917a1e41561d6b154071c3ed63e_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/argocd-rhel8@sha256:e4859aef6c26fbadaa45f4e37813977208f490f6f1c047621591ad6be30577b3_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:5fe4ade2ee712defbdd1e0b64af88b62ed7c9bd95ee896e1a9de5ac528320e19_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:ba1ed27f053c5cbb54febfa8b03a038250c557586c501e09abe6906592cdcd19_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:c26725f56d3fe072550431d490cd4faefc7bed9dc624d5f6c240044e736accc5_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/console-plugin-rhel8@sha256:e3979829c8f831fac5a8f7e22e620b8d79cb223dc973a4d9d1fe3b6245bf6ab4_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:67837763574902fd1c6ac1bff6bd7efe6e1fab7049389ae69bc21f50d810397c_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:af0b83accf4344127f61b381dd4f520cda86ade8ee983f1c1ebf11a439f021a7_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:d002617194b11ad14c836a5367ca0198be802c40d8e86b54f188f80fbdf70ff1_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/dex-rhel8@sha256:dbcaa78bc38f4f413eb826f39473c775ec47e64dd17a8779f2c74bf1e65631b5_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-operator-bundle@sha256:47798cd9f0498560eab4efede77f144b937b07ddb77e3831b654f51d1a5b04b6_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:81bc146c5dfbacde091a03ed12d04b61bc33258d44203798e332efb0ee5c27f9_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:9164b66f491acb3f5ad79a44b1a0d342644bc3c860e98fd2034aa7676b897024_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:edfa5765e92902d63473e1921d4814a007db7bf7242a11b929b1550954ea1dde_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8-operator@sha256:f979017b7f16d95047c74a087eac689f339cb0a6ad8fa740c138151162a83e29_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:5f9ae6792724ac2e40928d65981d33d54cb29e0d03a4c76eb18deabdf76601bc_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:75cbc8b5e4b25ded63ad9dfec0e1acaca8f0779c85c8e28b489ba2292d176c2b_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:a0684ea750c0aef0ee43e8802a41464d2d6a59a33e698e871b544e7052a6ebc8_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/gitops-rhel8@sha256:eb2ad7951c4e0125fb803d681f42f6e8a4d0ce03e1be9567f3aeb9d131c3ed5b_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:178d6bd716c9054f92c9f3889b9f005ca5fd9934b39834e7e13bb34600b24b6b_s390x",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:1e17fb78bcf6d4799b02e514527010cf267502d982c2f6e7ce92309e9d0cf550_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:9f4d4a389a54f9c58527e7b5177b11b2f2829ef59a56fae3a4f70192a4823b32_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/kam-delivery-rhel8@sha256:fd3214d586fd54846577a57285378b87cade3575911d6040701aee903a53800a_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:02ebf2575bd5991d75d02355967659c71e52f1e7e86bf92e05e614280712552a_amd64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:103da26a12b0f6408da3a16b93a4051ae3c2bd68c5c23398ab09d6a3bc33cb3b_ppc64le",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:423090fd4a5d3f096c61c0445c005da53095dff0154b9ad680c3749b7ef6e4dd_arm64",
"8Base-GitOps-1.12:openshift-gitops-1/must-gather-rhel8@sha256:888cc5b63ecee0f30e1ae45faf5ccb2d17c73c902a918b9c2e5abe85f8579f46_s390x",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:233b230e32fb38dfddc32ef3046568d80816031c9a6fcff8393448ba452d4f50_arm64",
"9Base-GitOps-1.12:openshift-gitops-1/argocd-rhel9@sha256:c5cbc537b3079fc08d118434ac23e262d9e679adf4143d2be05009831bfa3e6f_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "argocd: Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in Argo CD"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…