rhsa-2024_1570
Vulnerability from csaf_redhat
Published
2024-03-28 20:50
Modified
2024-11-07 02:03
Summary
Red Hat Security Advisory: ACS 4.4 enhancement and security update
Notes
Topic
Important: Updated images are now available for Red Hat Advanced Cluster Security.
Details
Updated images are now available for Red Hat Advanced Cluster Security. The
updated image includes new features and bug fixes.
This release includes the following features and updates:
* New Compliance capabilities (Technology Preview)
* Network graph enhancements for internal entities
* Build-time network policy tools is now generally available
* Init-bundle graphical user interface improvements
* eBPF CO-RE collection method enabled by default
* Bring your own database for RHACS Central is now generally available
* Support RHACS on ROSA hosted control plane
* Life cycle updates
* Integration with Red Hat OpenShift Cluster Manager and Paladin Cloud to discover unsecured clusters
* Migration to stock Red Hat OpenShift SCCs during manual upgrade by using roxctl CLI
* Cluster discovery by using cloud source integrations
* Short-lived API tokens for Central
* Enhanced roxctl deployment check command
* Authentication of AWS and GCP integrations by using short-lived tokens (Technology Preview)
* Scanner V4 that uses upstream ClairCore (Technology Preview)
* Filter workload CVEs by using component and component source
For more information, including bug fix descriptions, see https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html.
Security fixes:
* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)
* go-git: Maliciously crafted Git server replies can cause DoS on go-git clients (CVE-2023-49568)
* helm: Missing YAML content leads to panic (CVE-2024-26147)
* helm: Shows secrets with --dry-run option in clear text (CVE-2019-25210)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Important: Updated images are now available for Red Hat Advanced Cluster Security.",
"title": "Topic"
},
{
"category": "general",
"text": "Updated images are now available for Red Hat Advanced Cluster Security. The\nupdated image includes new features and bug fixes.\n\nThis release includes the following features and updates:\n\n* New Compliance capabilities (Technology Preview)\n* Network graph enhancements for internal entities\n* Build-time network policy tools is now generally available\n* Init-bundle graphical user interface improvements\n* eBPF CO-RE collection method enabled by default\n* Bring your own database for RHACS Central is now generally available\n* Support RHACS on ROSA hosted control plane\n* Life cycle updates\n* Integration with Red Hat OpenShift Cluster Manager and Paladin Cloud to discover unsecured clusters\n* Migration to stock Red Hat OpenShift SCCs during manual upgrade by using roxctl CLI\n* Cluster discovery by using cloud source integrations\n* Short-lived API tokens for Central\n* Enhanced roxctl deployment check command\n* Authentication of AWS and GCP integrations by using short-lived tokens (Technology Preview)\n* Scanner V4 that uses upstream ClairCore (Technology Preview)\n* Filter workload CVEs by using component and component source\n\nFor more information, including bug fix descriptions, see https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html.\n\nSecurity fixes:\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n* go-git: Maliciously crafted Git server replies can cause DoS on go-git clients (CVE-2023-49568)\n* helm: Missing YAML content leads to panic (CVE-2024-26147)\n* helm: Shows secrets with --dry-run option in clear text (CVE-2019-25210)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1570",
"url": "https://access.redhat.com/errata/RHSA-2024:1570"
},
{
"category": "external",
"summary": "https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html",
"url": "https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "2258165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165"
},
{
"category": "external",
"summary": "2265440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265440"
},
{
"category": "external",
"summary": "ROX-23399",
"url": "https://issues.redhat.com/browse/ROX-23399"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1570.json"
}
],
"title": "Red Hat Security Advisory: ACS 4.4 enhancement and security update",
"tracking": {
"current_release_date": "2024-11-07T02:03:37+00:00",
"generator": {
"date": "2024-11-07T02:03:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2024:1570",
"initial_release_date": "2024-03-28T20:50:01+00:00",
"revision_history": [
{
"date": "2024-03-28T20:50:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-03-28T20:50:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-07T02:03:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.4 for RHEL 8",
"product": {
"name": "RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.0-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.0-17"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.0-17"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.0-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.0-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.0-11"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.0-11"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.0-11"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.0-13"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.0-8"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.0-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.0-17"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.0-17"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.0-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.0-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.0-11"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.0-11"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.0-11"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.0-13"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.0-8"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.0-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.0-17"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.0-17"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.0-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.0-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.0-11"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.0-11"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.0-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.0-11"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.0-13"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.0-8"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-25210",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2024-03-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268201"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Helm that may lead to sensitive information disclosure. When the --dry-run flag is used in Helm 3, it displays values of secrets. Helm 2 just displays the fact that a secret has been created.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "helm: shows secrets with --dry-run option in clear text",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-25210"
},
{
"category": "external",
"summary": "RHBZ#2268201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-25210",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25210"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25210",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25210"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/issues/7275",
"url": "https://github.com/helm/helm/issues/7275"
}
],
"release_date": "2024-03-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-28T20:50:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to upgrade to release 4.4.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "helm: shows secrets with --dry-run option in clear text"
},
{
"cve": "CVE-2023-26144",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-09-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2239924"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the graphql package. Affected versions of this package are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This issue may allow an attacker to degrade system performance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "graphql: Insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26144"
},
{
"category": "external",
"summary": "RHBZ#2239924",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239924"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26144",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26144"
},
{
"category": "external",
"summary": "https://github.com/graphql/graphql-js/commit/f94b511386c7e47bd0380dcd56553dc063320226",
"url": "https://github.com/graphql/graphql-js/commit/f94b511386c7e47bd0380dcd56553dc063320226"
},
{
"category": "external",
"summary": "https://github.com/graphql/graphql-js/issues/3955",
"url": "https://github.com/graphql/graphql-js/issues/3955"
},
{
"category": "external",
"summary": "https://github.com/graphql/graphql-js/pull/3972",
"url": "https://github.com/graphql/graphql-js/pull/3972"
},
{
"category": "external",
"summary": "https://github.com/graphql/graphql-js/releases/tag/v16.8.1",
"url": "https://github.com/graphql/graphql-js/releases/tag/v16.8.1"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-GRAPHQL-5905181",
"url": "https://security.snyk.io/vuln/SNYK-JS-GRAPHQL-5905181"
}
],
"release_date": "2023-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-28T20:50:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to upgrade to release 4.4.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "graphql: Insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries"
},
{
"cve": "CVE-2023-29406",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2222167"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: insufficient sanitization of Host header",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-29406"
},
{
"category": "external",
"summary": "RHBZ#2222167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0",
"url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"
}
],
"release_date": "2023-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-28T20:50:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to upgrade to release 4.4.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: insufficient sanitization of Host header"
},
{
"cve": "CVE-2023-49568",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-01-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2258165"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service (DoS) vulnerability was found in the go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This problem only affects the go implementation and not the original git cli code. Applications using only in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-49568"
},
{
"category": "external",
"summary": "RHBZ#2258165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-49568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49568"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r"
}
],
"release_date": "2023-12-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-28T20:50:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to upgrade to release 4.4.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1570"
},
{
"category": "workaround",
"details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients"
},
{
"cve": "CVE-2024-26147",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"discovery_date": "2024-02-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2265440"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Helm. This flaw may lead to a panic when Helm parses index and plugin yaml files missing expected content, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "helm: Missing YAML Content Leads To Panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as Moderate since this would impact the Helm client and requires a malicious plugin to be in place, which can be removed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26147"
},
{
"category": "external",
"summary": "RHBZ#2265440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26147"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26147",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26147"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6",
"url": "https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6"
}
],
"release_date": "2024-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-28T20:50:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to upgrade to release 4.4.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1570"
},
{
"category": "workaround",
"details": "If a malicious plugin has been added which is causing all Helm client commands to panic, the malicious plugin can be manually removed from the filesystem.\n\nIf using Helm SDK versions prior to 3.14.2, calls to affected functions can use recover to catch the panic.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "helm: Missing YAML Content Leads To Panic"
},
{
"cve": "CVE-2024-28180",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268854"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose-go: improper handling of highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28180"
},
{
"category": "external",
"summary": "RHBZ#2268854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g"
}
],
"release_date": "2024-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-28T20:50:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to upgrade to release 4.4.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1570"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose-go: improper handling of highly compressed data"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.