RHSA-2024_1557
Vulnerability from csaf_redhat - Published: 2024-03-28 05:31 - Updated: 2024-12-17 22:37Summary
Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift Builds 1.0.1
Severity
Critical
Notes
Topic: An update is now available for Red Hat OpenShift Builds 1.0.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Builds 1.0.
Security Fix(es):
* CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
* CVE-2023-49569 go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients
* CVE-2023-49568 go-git: Maliciously crafted Git server replies can cause DoS on go-git clients
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.
5.9 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in
this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:1557
Workaround
Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If "kex-strict-c-v00@openssh.com" is provided by clients and "kex-strict-s-v00@openssh.com" is in the server's reply, no other steps are necessary.
Disabling ciphers if necessary:
If "kex-strict-c-v00@openssh.com" is not provided by clients or "kex-strict-s-v00@openssh.com" is absent in the server's reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:
1. chacha20-poly1305@openssh.com
2. hmac-sha2-512-etm@openssh.com
3. hmac-sha2-256-etm@openssh.com
4. hmac-sha1-etm@openssh.com
5. hmac-md5-etm@openssh.com
To do that through crypto-policies, one can apply a subpolicy with the following content:
```
cipher@SSH = -CHACHA20-POLY1305
ssh_etm = 0
```
e.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.
One can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.
For more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening
Note that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.
For RHEL-7:
We can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.
Below strict set of Ciphers and MACs can be used as mitigation for RHEL 7.
```
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
MACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512
```
- For Openshift Container Platform 4:
Please refer the KCS[1] document for verifying the fix in RHCOS.
[1] https://access.redhat.com/solutions/7071748
A denial of service (DoS) vulnerability was found in the go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in
this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:1557
Workaround
In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.
A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in
this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2024:1557
Workaround
In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift Builds 1.0.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Builds 1.0.\n\nSecurity Fix(es):\n\n* CVE-2023-48795 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)\n* CVE-2023-49569 go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients\n* CVE-2023-49568 go-git: Maliciously crafted Git server replies can cause DoS on go-git clients\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1557",
"url": "https://access.redhat.com/errata/RHSA-2024:1557"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "2258143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258143"
},
{
"category": "external",
"summary": "2258165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1557.json"
}
],
"title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift Builds 1.0.1",
"tracking": {
"current_release_date": "2024-12-17T22:37:23+00:00",
"generator": {
"date": "2024-12-17T22:37:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:1557",
"initial_release_date": "2024-03-28T05:31:12+00:00",
"revision_history": [
{
"date": "2024-03-28T05:31:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-03-28T05:31:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:37:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Builds for Red Hat OpenShift 1.0",
"product": {
"name": "Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_builds:1.0::el8"
}
}
}
],
"category": "product_family",
"name": "Builds for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"product": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"product": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"product": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"product": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"product": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"product": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"product": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"product": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"product": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"product": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"product": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"product": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"product": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"product": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"product": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"product": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"product": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"product": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"product": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"product": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"product": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"product": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"product": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64",
"product": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64",
"product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"product_id": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"product_id": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"product_id": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"product_id": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"product_id": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=v1.0.1-11"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"product_id": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel8-operator\u0026tag=v1.0.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"product_id": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel8\u0026tag=v1.0.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"product": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"product_id": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel8\u0026tag=v1.0.1-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x"
},
"product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64"
},
"product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64"
},
"product_reference": "openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64"
},
"product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64"
},
"product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x"
},
"product_reference": "openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64"
},
"product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x"
},
"product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64"
},
"product_reference": "openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64"
},
"product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x"
},
"product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64"
},
"product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64"
},
"product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x"
},
"product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64"
},
"product_reference": "openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64"
},
"product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64"
},
"product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x"
},
"product_reference": "openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64"
},
"product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x"
},
"product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64"
},
"product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64"
},
"product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le"
},
"product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x"
},
"product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64 as a component of Builds for Red Hat OpenShift 1.0",
"product_id": "8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
},
"product_reference": "openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64",
"relates_to_product_reference": "8Base-OPENSHIFT-BUILDS-1.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"discovery_date": "2023-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254210"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "RHBZ#2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7071748",
"url": "https://access.redhat.com/solutions/7071748"
},
{
"category": "external",
"summary": "https://terrapin-attack.com/",
"url": "https://terrapin-attack.com/"
}
],
"release_date": "2023-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-28T05:31:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in\nthis advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1557"
},
{
"category": "workaround",
"details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
"product_ids": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
},
{
"cve": "CVE-2023-49568",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2258165"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service (DoS) vulnerability was found in the go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This problem only affects the go implementation and not the original git cli code. Applications using only in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-49568"
},
{
"category": "external",
"summary": "RHBZ#2258165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-49568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49568"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r"
}
],
"release_date": "2023-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-28T05:31:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in\nthis advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1557"
},
{
"category": "workaround",
"details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.",
"product_ids": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients"
},
{
"cve": "CVE-2023-49569",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2258143"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This problem only affects the go implementation and not the original git cli code. Applications using BoundOS or in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.\n\nIn OpenShift Container Platform (OCP) the vulnerable github.com/go-git/go-git/v5 Go package is used as a dependency in many components where the vulnerable function is not used, hence the impact by this vulnerability is reduced to Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-49569"
},
{
"category": "external",
"summary": "RHBZ#2258143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-49569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49569"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88"
}
],
"release_date": "2024-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-28T05:31:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in\nthis advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1557"
},
{
"category": "workaround",
"details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.",
"product_ids": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:56ca1d5fa1d29d3048c59e3b15cd449454e0ceff608ab9c794f214532f6fa605_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:638042ef5bd0bafc6f54055f11814f1dc3bab8b47ce356932ed333cf10b4111b_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:6675982a438ffb20c876193f88cffe475767b76fcc2b57fb0073ec103f058f54_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-controller-rhel8@sha256:686ad7ae2772e6f00e86186bf1c98a0c158b373ee3517be296818e18fa475921_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:0edb0e9d3532c4c35c5f9984589cbcdba53dab0db74d34ad4f2cc3218f6c4941_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:5b4504b82df425c295c167825d1e64f30a3e6f0dac094ff408f3bfacba47d315_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:6ec4966c3eff2a781b885212a77deaf37fe854de46fd29534e365f54324381e3_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-git-cloner-rhel8@sha256:dc87f0bffbed293a57937cb7022dc9f0bb15b82f1bdb316f283a4b506e19fa27_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:453fcacfcfebf1f0c0fb3d2f4e9a183d1fe578dbde49b991892fd3007aafdbc5_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:a852957ccee84d0ea5fac3de3ff5c68ac79deca7f3cb36328ac777b0888c7b4b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:d5f201a51c85e7b70807ad0688c73ae70f76ac4f3919fbac85e475bbde48d599_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-bundler-rhel8@sha256:f4492af12a740015ee3e114ac9c8e42d25c4387073f6c85251fd7089324bed05_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:7abda41e2aae405fc8aadf1b42469128daf66245e63d556de08fde6d6e25e316_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:b38b949a700b11bebb9dc7c07cd1c10832b2dfde41adf21db6b20549d25f0136_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:e94e7624075e9f5cd22b5b8a39f22cf1acd6b4585bc98366327cd36a9a6950ad_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-image-processing-rhel8@sha256:f802324b5924bb25f90a1e78435e170db4b41f5c6164e221cb2fe54e1451e06f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:1ea54eafb83ab9cf4fa3a8ae66864309b592c5e90ee4ae8aa86c8cb76f25fd59_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:56c474f8bc49060c3f1a6fc19d5984b2bbf81ac3ab76a80ce63faa9010d0759f_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:6e83f03b788bd829c147481a79401e1cc1b83258990f7c86a25359b029bbc92a_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-operator-bundle@sha256:9aa0e3583582b3accb2c18476d33613431ac34b201888af6f7aa41a90bcd4508_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:2161db279af5289dc8221988a03ca552b8d1773d167d580d144ee5f45412fe10_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:7840340e82817d5c95ec93aa3d534c98bdb8c9a6efaf59fd6bed7117bdcc3f00_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:9235caed8216b64ed825d5b6d7fada5801d1f4015164141b0fae91454a98e4bf_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-rhel8-operator@sha256:a3ff59c104a4d327039a0e3c60833502d5fc354632aa3608e6db14363f8fc355_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:4ead53061f635e17da978b72a20c91b3e46f9113e9793b550ce8b16f866398e0_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:a7912a7deebe11c23d8efddc6af4b0afaaab9b33da896f316a38ee91571781c8_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:b384ca4cd31baa8de9d6d08455305634b9bccbb95463a60fc06a96c11f535b1b_arm64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-waiters-rhel8@sha256:bef7e6c063dbe218ba76fd9f6842ba076d0dedd8d42d40e62805c6710976b445_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:2426730213dab85121b70b97d5d645ccd936c5bbe296174256e4a754a054ffaf_amd64",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:53f0b3c485c825e3dcefb4f30207ecd3c5d7e2197cf4f0559ce35f4eb7c91b8f_ppc64le",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:b39600ea957d5fd34f00fe50ecf1879bca47a4bac924c4fdff702d1fc68a1e7b_s390x",
"8Base-OPENSHIFT-BUILDS-1.0:openshift-builds/openshift-builds-webhook-rhel8@sha256:bb9d712386ca640899684ea181475be5e81990b5b827dd7a11a6da3a41f9f20c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…