rhsa-2024_1557
Vulnerability from csaf_redhat
Published
2024-03-28 05:31
Modified
2024-12-17 22:37
Summary
Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift Builds 1.0.1

Notes

Topic
An update is now available for Red Hat OpenShift Builds 1.0. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Builds 1.0. Security Fix(es): * CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP) * CVE-2023-49569 go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients * CVE-2023-49568 go-git: Maliciously crafted Git server replies can cause DoS on go-git clients For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat OpenShift Builds 1.0.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Builds 1.0.\n\nSecurity Fix(es):\n\n* CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)\n* CVE-2023-49569 go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients\n* CVE-2023-49568 go-git: Maliciously crafted Git server replies can cause DoS on go-git clients\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:1557",
        "url": "https://access.redhat.com/errata/RHSA-2024:1557"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#critical",
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "category": "external",
        "summary": "2254210",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
      },
      {
        "category": "external",
        "summary": "2258143",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258143"
      },
      {
        "category": "external",
        "summary": "2258165",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1557.json"
      }
    ],
    "title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift Builds 1.0.1",
    "tracking": {
      "current_release_date": "2024-12-17T22:37:23+00:00",
      "generator": {
        "date": "2024-12-17T22:37:23+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.3"
        }
      },
      "id": "RHSA-2024:1557",
      "initial_release_date": "2024-03-28T05:31:12+00:00",
      "revision_history": [
        {
          "date": "2024-03-28T05:31:12+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-03-28T05:31:12+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-17T22:37:23+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Builds for Red Hat OpenShift 1.0",
                "product": {
                  "name": "Builds for Red Hat OpenShift 1.0",
                  "product_id": "8Base-OPENSHIFT-BUILDS-1.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_builds:1.0::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Builds for Red Hat OpenShift"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
                "product": {
                  "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
                  "product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
                "product": {
                  "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
                  "product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
                "product": {
                  "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
                  "product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
                "product": {
                  "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
                  "product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
                "product": {
                  "name": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
                  "product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
                "product": {
                  "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
                  "product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
                "product": {
                  "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
                  "product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
                "product": {
                  "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
                  "product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
                "product": {
                  "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
                  "product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
                "product": {
                  "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
                  "product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
                "product": {
                  "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
                  "product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
                "product": {
                  "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
                  "product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
                "product": {
                  "name": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
                  "product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
                "product": {
                  "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
                  "product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
                "product": {
                  "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
                  "product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
                "product": {
                  "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
                  "product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
                "product": {
                  "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
                  "product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
                "product": {
                  "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
                  "product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
                "product": {
                  "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
                  "product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
                "product": {
                  "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
                  "product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
                "product": {
                  "name": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
                  "product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
                "product": {
                  "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
                  "product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
                "product": {
                  "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
                  "product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64",
                "product": {
                  "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64",
                  "product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
                "product": {
                  "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
                  "product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
                "product": {
                  "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
                  "product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
                "product": {
                  "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
                  "product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
                "product": {
                  "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
                  "product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
                "product": {
                  "name": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
                  "product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
                "product": {
                  "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
                  "product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
                "product": {
                  "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
                  "product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
                "product": {
                  "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
                  "product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x"
        },
        "product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64"
        },
        "product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le"
        },
        "product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64"
        },
        "product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64"
        },
        "product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le"
        },
        "product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64"
        },
        "product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x"
        },
        "product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le"
        },
        "product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64"
        },
        "product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x"
        },
        "product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64"
        },
        "product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64"
        },
        "product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x"
        },
        "product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64"
        },
        "product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le"
        },
        "product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le"
        },
        "product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64"
        },
        "product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x"
        },
        "product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64"
        },
        "product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64"
        },
        "product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64"
        },
        "product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le"
        },
        "product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x"
        },
        "product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64"
        },
        "product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x"
        },
        "product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64"
        },
        "product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le"
        },
        "product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64"
        },
        "product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le"
        },
        "product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x"
        },
        "product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64 as a component of Builds for Red Hat OpenShift 1.0",
          "product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
        },
        "product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64",
        "relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "discovery_date": "2023-12-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2254210"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "RHBZ#2254210",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/7071748",
          "url": "https://access.redhat.com/solutions/7071748"
        },
        {
          "category": "external",
          "summary": "https://terrapin-attack.com/",
          "url": "https://terrapin-attack.com/"
        }
      ],
      "release_date": "2023-12-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-03-28T05:31:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in\nthis advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:1557"
        },
        {
          "category": "workaround",
          "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
          "product_ids": [
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
    },
    {
      "cve": "CVE-2023-49568",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-01-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2258165"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service (DoS) vulnerability was found in the go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This problem only affects the go implementation and not the original git cli code. Applications using only in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-49568"
        },
        {
          "category": "external",
          "summary": "RHBZ#2258165",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-49568",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-49568"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568"
        },
        {
          "category": "external",
          "summary": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r",
          "url": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r"
        }
      ],
      "release_date": "2023-12-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-03-28T05:31:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in\nthis advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:1557"
        },
        {
          "category": "workaround",
          "details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.",
          "product_ids": [
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients"
    },
    {
      "cve": "CVE-2023-49569",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2024-01-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2258143"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This problem only affects the go implementation and not the original git cli code. Applications using BoundOS or in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.\n\nIn OpenShift Container Platform (OCP) the vulnerable github.com/go-git/go-git/v5 Go package is used as a dependency in many components where the vulnerable function is not used, hence the impact by this vulnerability is reduced to Low.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
          "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-49569"
        },
        {
          "category": "external",
          "summary": "RHBZ#2258143",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258143"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-49569",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-49569"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49569",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49569"
        },
        {
          "category": "external",
          "summary": "https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88",
          "url": "https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88"
        }
      ],
      "release_date": "2024-01-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-03-28T05:31:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in\nthis advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:1557"
        },
        {
          "category": "workaround",
          "details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.",
          "product_ids": [
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
            "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Critical"
        }
      ],
      "title": "go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.