rhsa-2024_10186
Vulnerability from csaf_redhat
Published
2024-11-22 01:06
Modified
2024-12-18 04:40
Summary
Red Hat Security Advisory: ACS 4.5 enhancement update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes a bug fix and security fixes.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
This release of RHACS 4.5.5 introduces the following changes:
Bug fix:
* Fixed an issue with redirects in curl commands leading to empty files and errors in scanning. (ROX-26929)
* Scanner V4 now reindexes image upon indexer updates. (ROX-23956)
Security fixes:
* encoding/gob: golang: Calling Decoder.Decode on a message which contains
deeply nested structures can cause a panic due to stack exhaustion
(CVE-2024-34156)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* dompurify: DOMPurify vulnerable to tampering by prototype pollution
(CVE-2024-48910)
* golang: archive/zip: Incorrect handling of certain ZIP files (CVE-2024-24789)
* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6
addresses (CVE-2024-24790)
* cross-spawn: Regular expression denial of service (CVE-2024-21538)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in the
References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes a bug fix and security fixes.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This release of RHACS 4.5.5 introduces the following changes:\n\nBug fix:\n\n* Fixed an issue with redirects in curl commands leading to empty files and errors in scanning. (ROX-26929)\n\n* Scanner V4 now reindexes image upon indexer updates. (ROX-23956)\n\nSecurity fixes:\n\n* encoding/gob: golang: Calling Decoder.Decode on a message which contains\ndeeply nested structures can cause a panic due to stack exhaustion\n(CVE-2024-34156)\n\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n\n* dompurify: DOMPurify vulnerable to tampering by prototype pollution\n(CVE-2024-48910)\n\n* golang: archive/zip: Incorrect handling of certain ZIP files (CVE-2024-24789)\n\n* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6\naddresses (CVE-2024-24790)\n\n* cross-spawn: Regular expression denial of service (CVE-2024-21538)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in the\nReferences section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:10186", "url": "https://access.redhat.com/errata/RHSA-2024:10186" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2292668", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668" }, { "category": "external", "summary": "2292787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787" }, { "category": "external", "summary": "2310528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528" }, { "category": "external", "summary": "2311171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171" }, { "category": "external", "summary": "2322949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322949" }, { "category": "external", "summary": "2324550", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324550" }, { "category": "external", "summary": "ROX-23956", "url": "https://issues.redhat.com/browse/ROX-23956" }, { "category": "external", "summary": "ROX-26943", "url": "https://issues.redhat.com/browse/ROX-26943" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10186.json" } ], "title": "Red Hat Security Advisory: ACS 4.5 enhancement update", "tracking": { "current_release_date": "2024-12-18T04:40:46+00:00", "generator": { "date": "2024-12-18T04:40:46+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:10186", "initial_release_date": "2024-11-22T01:06:56+00:00", "revision_history": [ { "date": "2024-11-22T01:06:56+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-11-22T01:06:56+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-18T04:40:46+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHACS 4.5 for RHEL 8", "product": { "name": "RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5", "product_identification_helper": { "cpe": "cpe:/a:redhat:advanced_cluster_security:4.5::el8" } } } ], "category": "product_family", "name": "Red Hat Advanced Cluster Security for Kubernetes" }, { "branches": [ { "category": "product_version", "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "product": { "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "product": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "product": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "product": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.5.5-3" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "product": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "product": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "product": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "product": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "product": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "product": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "product": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64", "product": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64", "product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "product": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.5.5-4" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.5.5-3" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.5.5-4" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "product": { "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "product": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "product": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "product": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.5.5-3" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "product": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "product": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "product": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "product": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "product": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "product": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "product": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "product": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.5.5-4" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "product": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.5.5-4" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64" }, "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x" }, "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64" }, "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x" }, "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x" }, "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64" }, "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64" }, "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x" }, "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x" }, "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64" }, "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x" }, "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64" }, "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x" }, "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64" }, "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.5" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64 as a component of RHACS 4.5 for RHEL 8", "product_id": "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64", "relates_to_product_reference": "8Base-RHACS-4.5" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-21538", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2024-11-08T13:44:29.182678+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2324550" } ], "notes": [ { "category": "description", "text": "A Regular Expression Denial of Service (ReDoS) vulnerability was found in the cross-spawn package for Node.js. Due to improper input sanitization, an attacker can increase CPU usage and crash the program with a large, specially crafted string.", "title": "Vulnerability description" }, { "category": "summary", "text": "cross-spawn: regular expression denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x" ], "known_not_affected": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-21538" }, { "category": "external", "summary": "RHBZ#2324550", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324550" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-21538", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21538" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21538", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21538" }, { "category": "external", "summary": "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff", "url": "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff" }, { "category": "external", "summary": "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f", "url": "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f" }, { "category": "external", "summary": "https://github.com/moxystudio/node-cross-spawn/pull/160", "url": "https://github.com/moxystudio/node-cross-spawn/pull/160" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230", "url": "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230" } ], "release_date": "2024-11-08T05:00:04.695000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-22T01:06:56+00:00", "details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.5.", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10186" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "cross-spawn: regular expression denial of service" }, { "cve": "CVE-2024-24789", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2024-06-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2292668" } ], "notes": [ { "category": "description", "text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: archive/zip: Incorrect handling of certain ZIP files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ], "known_not_affected": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-24789" }, { "category": "external", "summary": "RHBZ#2292668", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24789" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789" } ], "release_date": "2024-06-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-22T01:06:56+00:00", "details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.5.", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10186" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: archive/zip: Incorrect handling of certain ZIP files" }, { "cve": "CVE-2024-24790", "cwe": { "id": "CWE-115", "name": "Misinterpretation of Input" }, "discovery_date": "2024-06-17T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2292787" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn\u0027t behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x" ], "known_not_affected": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-24790" }, { "category": "external", "summary": "RHBZ#2292787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24790", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24790" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790" } ], "release_date": "2024-06-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-22T01:06:56+00:00", "details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.5.", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10186" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses" }, { "cve": "CVE-2024-34156", "cwe": { "id": "CWE-674", "name": "Uncontrolled Recursion" }, "discovery_date": "2024-09-06T21:20:09.377905+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2310528" } ], "notes": [ { "category": "description", "text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.", "title": "Vulnerability description" }, { "category": "summary", "text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x" ], "known_not_affected": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-34156" }, { "category": "external", "summary": "RHBZ#2310528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156", "url": "https://www.cve.org/CVERecord?id=CVE-2024-34156" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156" }, { "category": "external", "summary": "https://go.dev/cl/611239", "url": "https://go.dev/cl/611239" }, { "category": "external", "summary": "https://go.dev/issue/69139", "url": "https://go.dev/issue/69139" }, { "category": "external", "summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", "url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2024-3106", "url": "https://pkg.go.dev/vuln/GO-2024-3106" } ], "release_date": "2024-09-06T21:15:12.020000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-22T01:06:56+00:00", "details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.5.", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10186" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion" }, { "cve": "CVE-2024-45590", "cwe": { "id": "CWE-405", "name": "Asymmetric Resource Consumption (Amplification)" }, "discovery_date": "2024-09-10T16:20:29.292154+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2311171" } ], "notes": [ { "category": "description", "text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.", "title": "Vulnerability description" }, { "category": "summary", "text": "body-parser: Denial of Service Vulnerability in body-parser", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x" ], "known_not_affected": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-45590" }, { "category": "external", "summary": "RHBZ#2311171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45590" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590" }, { "category": "external", "summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce", "url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce" }, { "category": "external", "summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7", "url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7" } ], "release_date": "2024-09-10T16:15:21.083000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-22T01:06:56+00:00", "details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.5.", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10186" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "body-parser: Denial of Service Vulnerability in body-parser" }, { "cve": "CVE-2024-48910", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2024-10-31T15:00:53.609372+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2322949" } ], "notes": [ { "category": "description", "text": "A prototype pollution vulnerability was found in DOMPurify. This flaw allows a remote attacker to add or modify attributes of an object prototype. This issue can lead to the injection of malicious attributes used in other components or cause a crash by overriding existing attributes with ones of incompatible type.", "title": "Vulnerability description" }, { "category": "summary", "text": "dompurify: DOMPurify vulnerable to tampering by prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The prototype pollution vulnerability in DOMPurify is considered a high-severity issue because it allows attackers to modify the prototype of built-in JavaScript objects, potentially impacting the entire application. This could lead to security risks, such as overwriting methods on fundamental objects like `Object`, `Array`, or `Function`, allowing attackers to manipulate application behavior, bypass security controls, or cause application crashes. Given that DOMPurify is a core library for sanitizing user input, an attacker exploiting this vulnerability could gain control over how sanitized content is processed, leading to the execution of malicious scripts or triggering other unintended behaviors across the application.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x" ], "known_not_affected": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-48910" }, { "category": "external", "summary": "RHBZ#2322949", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322949" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-48910", "url": "https://www.cve.org/CVERecord?id=CVE-2024-48910" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-48910", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48910" }, { "category": "external", "summary": "https://github.com/cure53/DOMPurify/commit/d1dd0374caef2b4c56c3bd09fe1988c3479166dc", "url": "https://github.com/cure53/DOMPurify/commit/d1dd0374caef2b4c56c3bd09fe1988c3479166dc" }, { "category": "external", "summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-p3vf-v8qc-cwcr", "url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-p3vf-v8qc-cwcr" } ], "release_date": "2024-10-31T14:22:52.867000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-22T01:06:56+00:00", "details": "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to this patch release 4.5.5.", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:10186" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L", "version": "3.1" }, "products": [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:79fc46d20cd3787ee5129832c5241ce33484fd64ce00dd8f3873f497c355a3f5_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ecbf4c82ae5adbe31e667a90d8f2373b241b0d9262d23a1d1194b79307cd750_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:a7bc7b1b31cdce51d2b5edd96290401eea9df86098bcad167947934e7ba624a1_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:2734e59b4f5115595fb286a8e63ddfa735d918e2d40b9a76702704e21fbe0581_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:6347c6cdd000ec7f9f76f171313de70bd210b26ef2b575306ef7c9dd6f1dd614_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:b7d78346ed114c2259a4318df15fdf825226f1a67c55f6cfb2497616fbd3c667_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:22ebd5953ed18868b378c0aaf3f15184b275ba160c371e831192787dde892b89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:519f9cbede8adc5e659c01c48a9e73d4c71045b95ebba68a079712305525306c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d605988258e3c3dba21c3acaec5fff23863d55d42fbd70ee0cf32d3914e83cad_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:18074a936a8e98219d23a1396deaf43329cad464da8830ab739af32f1f339de9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:2a2042c482bc973f5c7f3d0b2269c26fef9091919d615e6204f437af71fc97d2_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:e5c6287683f1a41971bd3b0eb43281eea17e7dce287ea4298e08b062ee7cbe2a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a846783fa12efc4f8f9fb71c6a07b0a0e3d35833f00a437c0e574300f5c0eb44_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:a9d8e784d1518403036a2bdf69ae87d1dada4581c6b233764c4e6ab97ad155ca_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:b262749b36483ac23f7e9311a410b4e1bfb3455074e189d2cd4e88570c953803_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:23fe140d4053fccc34d5a45424272a6e8541c2c1c555310fba8c0b72d631ae8e_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3f623ea920f59e62daca5a72e3989fbb661d15dadcc260ad8c337f95d3ba0fe9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:defdc09b5b0c215612f77e03cacaf51af89dbc12cde45b794a98ee59f903b1cf_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1b8ccd467895c572aaf16679912f94b098349b8cd02094aedcd4d15e8160d496_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:64f27e29c5669628d29ffd3c1a1afeb3998537396591edb4427cab467fe992a0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f3567a4e068a1d57a8a662fb3bd991f43e01a1b7591667ef9abea9d3af67e0ca_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4a69203931016c786835d129e57ef914d848fbe64f656b368cde952f56ee61dd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:74515973a5ba749782d896b03ee18924e0ab4072ccd15c79b6055717cbdcfbc7_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9649c0c7c428e08d4dcbe00ebc0f3335d9fb260a9ec652e2d51d787896648097_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:569e117b6bb2b70e98b72fcba7e3e0a2beeb208dbe262bc0f6a90c6564c26003_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c81b3cb945aebcaf5e8311d45ca2b9e8680d27ac350dcad3cb9f9472af80a0fa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f770fe7f346d3815325020fcfc4d79988eee85970cd2efa5666ffa024cfa2dcf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2873555154a7e86d0d50ab04530f7dac31db601368e42da693306c493ac75836_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:650c3b298aa0a161a5005725e97b1ea9d73bea90ded7a917be241f8f6fce7ef3_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:67b04d8f3ee93c00399d90fce995c61bdec2d8ad8f5429f51b6a3fcaf5d837ff_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ea83a89d29664ada45cec629c40969ff84086f9a9550e5d347615a946bf1f5c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:886e59b45539b1a754f13ab65c000923ddf4dd47cc4b3f1a5508e70ba2fdeeaa_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cef5d878b1598b58db0d0f3f4bd4be7f3616ab5e586b3cec33dd8b855a3b699d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:7aa40436ac01560d67b9898094918760f71d61ed274bb07892cd4dd76c789993_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9debaa9e0953cb60e9d7e189d5feda503d87208dc107acf5430840cfc93df0de_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:defdb3ac5f37c7c98762ecf061577b5a41a2fa547318445d23981d4eacf3c5ba_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:40f42baadbbba89fabb1e368082218b6a489cf50379428ac178bfa8f0637becf_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:d4a3278bb2f1ec87b3075522ce9e655c6c325d2e00dc630d2bf2958021315ff9_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f47593313f447d4d7d3b0921056b877000da7f43efafd4f009d73714c723ebe5_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "dompurify: DOMPurify vulnerable to tampering by prototype pollution" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.