rhsa-2024_1570
Vulnerability from csaf_redhat
Published
2024-03-28 20:50
Modified
2024-11-23 03:48
Summary
Red Hat Security Advisory: ACS 4.4 enhancement and security update
Notes
Topic
Important: Updated images are now available for Red Hat Advanced Cluster Security.
Details
Updated images are now available for Red Hat Advanced Cluster Security. The
updated image includes new features and bug fixes.
This release includes the following features and updates:
* New Compliance capabilities (Technology Preview)
* Network graph enhancements for internal entities
* Build-time network policy tools is now generally available
* Init-bundle graphical user interface improvements
* eBPF CO-RE collection method enabled by default
* Bring your own database for RHACS Central is now generally available
* Support RHACS on ROSA hosted control plane
* Life cycle updates
* Integration with Red Hat OpenShift Cluster Manager and Paladin Cloud to discover unsecured clusters
* Migration to stock Red Hat OpenShift SCCs during manual upgrade by using roxctl CLI
* Cluster discovery by using cloud source integrations
* Short-lived API tokens for Central
* Enhanced roxctl deployment check command
* Authentication of AWS and GCP integrations by using short-lived tokens (Technology Preview)
* Scanner V4 that uses upstream ClairCore (Technology Preview)
* Filter workload CVEs by using component and component source
For more information, including bug fix descriptions, see https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html.
Security fixes:
* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)
* go-git: Maliciously crafted Git server replies can cause DoS on go-git clients (CVE-2023-49568)
* helm: Missing YAML content leads to panic (CVE-2024-26147)
* helm: Shows secrets with --dry-run option in clear text (CVE-2019-25210)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Important: Updated images are now available for Red Hat Advanced Cluster Security.", "title": "Topic" }, { "category": "general", "text": "Updated images are now available for Red Hat Advanced Cluster Security. The\nupdated image includes new features and bug fixes.\n\nThis release includes the following features and updates:\n\n* New Compliance capabilities (Technology Preview)\n* Network graph enhancements for internal entities\n* Build-time network policy tools is now generally available\n* Init-bundle graphical user interface improvements\n* eBPF CO-RE collection method enabled by default\n* Bring your own database for RHACS Central is now generally available\n* Support RHACS on ROSA hosted control plane\n* Life cycle updates\n* Integration with Red Hat OpenShift Cluster Manager and Paladin Cloud to discover unsecured clusters\n* Migration to stock Red Hat OpenShift SCCs during manual upgrade by using roxctl CLI\n* Cluster discovery by using cloud source integrations\n* Short-lived API tokens for Central\n* Enhanced roxctl deployment check command\n* Authentication of AWS and GCP integrations by using short-lived tokens (Technology Preview)\n* Scanner V4 that uses upstream ClairCore (Technology Preview)\n* Filter workload CVEs by using component and component source\n\nFor more information, including bug fix descriptions, see https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html.\n\nSecurity fixes:\n* golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)\n* go-git: Maliciously crafted Git server replies can cause DoS on go-git clients (CVE-2023-49568)\n* helm: Missing YAML content leads to panic (CVE-2024-26147)\n* helm: Shows secrets with --dry-run option in clear text (CVE-2019-25210)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:1570", "url": "https://access.redhat.com/errata/RHSA-2024:1570" }, { "category": "external", "summary": "https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html", "url": "https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2222167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167" }, { "category": "external", "summary": "2258165", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165" }, { "category": "external", "summary": "2265440", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265440" }, { "category": "external", "summary": "ROX-23399", "url": "https://issues.redhat.com/browse/ROX-23399" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1570.json" } ], "title": "Red Hat Security Advisory: ACS 4.4 enhancement and security update", "tracking": { "current_release_date": "2024-11-23T03:48:00+00:00", "generator": { "date": "2024-11-23T03:48:00+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2024:1570", "initial_release_date": "2024-03-28T20:50:01+00:00", "revision_history": [ { "date": "2024-03-28T20:50:01+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-03-28T20:50:01+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-23T03:48:00+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHACS 4.4 for RHEL 8", "product": { "name": "RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8" } } } ], "category": "product_family", "name": "Red Hat Advanced Cluster Security for Kubernetes" }, { "branches": [ { "category": "product_version", "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "product": { "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.0-9" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "product": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.0-2" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "product": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.0-2" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64", "product": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64", "product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.0-17" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "product": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.0-17" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "product": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.0-9" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "product": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.0-9" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "product": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.0-11" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "product": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.0-11" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "product": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.0-2" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "product": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.0-11" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64", "product": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64", "product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.0-13" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "product": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.0-8" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.0-9" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.0-2" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.0-2" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.0-17" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.0-17" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.0-9" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.0-9" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.0-11" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.0-11" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.0-2" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.0-11" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.0-13" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "product": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.0-8" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "product": { "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.0-9" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "product": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.0-2" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "product": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.0-2" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "product": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.0-17" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "product": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.0-17" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "product": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.0-9" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "product": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.0-9" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "product": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.0-11" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "product": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.0-11" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "product": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.0-2" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "product": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.0-11" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "product": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.0-13" } } }, { "category": "product_version", "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "product": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "product_identification_helper": { "purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.0-8" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64 as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64" }, "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x" }, "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64 as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64" }, "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x" }, "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x" }, "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64 as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64" }, "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x" }, "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64 as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64" }, "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64 as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64" }, "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x" }, "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64 as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64" }, "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x" }, "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x" }, "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64 as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64" }, "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64 as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64 as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64 as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64 as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64 as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "relates_to_product_reference": "8Base-RHACS-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64 as a component of RHACS 4.4 for RHEL 8", "product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" }, "product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64", "relates_to_product_reference": "8Base-RHACS-4.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-25210", "cwe": { "id": "CWE-201", "name": "Insertion of Sensitive Information Into Sent Data" }, "discovery_date": "2024-03-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2268201" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Helm that may lead to sensitive information disclosure. When the --dry-run flag is used in Helm 3, it displays values of secrets. Helm 2 just displays the fact that a secret has been created.", "title": "Vulnerability description" }, { "category": "summary", "text": "helm: shows secrets with --dry-run option in clear text", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-25210" }, { "category": "external", "summary": "RHBZ#2268201", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268201" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-25210", "url": "https://www.cve.org/CVERecord?id=CVE-2019-25210" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25210", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25210" }, { "category": "external", "summary": "https://github.com/helm/helm/issues/7275", "url": "https://github.com/helm/helm/issues/7275" } ], "release_date": "2024-03-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-28T20:50:01+00:00", "details": "If you are using an earlier version of RHACS, you are advised to upgrade to release 4.4.", "product_ids": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1570" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "helm: shows secrets with --dry-run option in clear text" }, { "cve": "CVE-2023-26144", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-09-20T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2239924" } ], "notes": [ { "category": "description", "text": "A flaw was found in the graphql package. Affected versions of this package are vulnerable to Denial of Service (DoS) due to insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries. This issue may allow an attacker to degrade system performance.", "title": "Vulnerability description" }, { "category": "summary", "text": "graphql: Insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64" ], "known_not_affected": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-26144" }, { "category": "external", "summary": "RHBZ#2239924", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239924" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-26144", "url": "https://www.cve.org/CVERecord?id=CVE-2023-26144" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26144", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26144" }, { "category": "external", "summary": "https://github.com/graphql/graphql-js/commit/f94b511386c7e47bd0380dcd56553dc063320226", "url": "https://github.com/graphql/graphql-js/commit/f94b511386c7e47bd0380dcd56553dc063320226" }, { "category": "external", "summary": "https://github.com/graphql/graphql-js/issues/3955", "url": "https://github.com/graphql/graphql-js/issues/3955" }, { "category": "external", "summary": "https://github.com/graphql/graphql-js/pull/3972", "url": "https://github.com/graphql/graphql-js/pull/3972" }, { "category": "external", "summary": "https://github.com/graphql/graphql-js/releases/tag/v16.8.1", "url": "https://github.com/graphql/graphql-js/releases/tag/v16.8.1" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-GRAPHQL-5905181", "url": "https://security.snyk.io/vuln/SNYK-JS-GRAPHQL-5905181" } ], "release_date": "2023-09-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-28T20:50:01+00:00", "details": "If you are using an earlier version of RHACS, you are advised to upgrade to release 4.4.", "product_ids": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1570" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "graphql: Insufficient checks in the OverlappingFieldsCanBeMergedRule.ts file when parsing large queries" }, { "cve": "CVE-2023-29406", "cwe": { "id": "CWE-113", "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)" }, "discovery_date": "2023-07-12T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2222167" } ], "notes": [ { "category": "description", "text": "A flaw was found in Golang, where it is vulnerable to HTTP header injection caused by improper content validation of the Host header by the HTTP/1 client. A remote attacker can inject arbitrary HTTP headers by persuading a victim to visit a specially crafted Web page. This flaw allows the attacker to conduct various attacks against the vulnerable system, including Cross-site scripting, cache poisoning, or session hijacking.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http: insufficient sanitization of Host header", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64" ], "known_not_affected": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-29406" }, { "category": "external", "summary": "RHBZ#2222167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222167" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-29406", "url": "https://www.cve.org/CVERecord?id=CVE-2023-29406" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29406" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0", "url": "https://groups.google.com/g/golang-announce/c/2q13H6LEEx0" } ], "release_date": "2023-07-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-28T20:50:01+00:00", "details": "If you are using an earlier version of RHACS, you are advised to upgrade to release 4.4.", "product_ids": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1570" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http: insufficient sanitization of Host header" }, { "cve": "CVE-2023-49568", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-01-12T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2258165" } ], "notes": [ { "category": "description", "text": "A denial of service (DoS) vulnerability was found in the go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients.", "title": "Vulnerability description" }, { "category": "summary", "text": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients", "title": "Vulnerability summary" }, { "category": "other", "text": "This problem only affects the go implementation and not the original git cli code. Applications using only in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x" ], "known_not_affected": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-49568" }, { "category": "external", "summary": "RHBZ#2258165", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258165" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-49568", "url": "https://www.cve.org/CVERecord?id=CVE-2023-49568" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49568" }, { "category": "external", "summary": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r", "url": "https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r" } ], "release_date": "2023-12-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-28T20:50:01+00:00", "details": "If you are using an earlier version of RHACS, you are advised to upgrade to release 4.4.", "product_ids": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1570" }, { "category": "workaround", "details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.", "product_ids": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "go-git: Maliciously crafted Git server replies can cause DoS on go-git clients" }, { "cve": "CVE-2024-26147", "cwe": { "id": "CWE-457", "name": "Use of Uninitialized Variable" }, "discovery_date": "2024-02-21T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2265440" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Helm. This flaw may lead to a panic when Helm parses index and plugin yaml files missing expected content, leading to a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "helm: Missing YAML Content Leads To Panic", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat rates this as Moderate since this would impact the Helm client and requires a malicious plugin to be in place, which can be removed.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64" ], "known_not_affected": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-26147" }, { "category": "external", "summary": "RHBZ#2265440", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265440" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-26147", "url": "https://www.cve.org/CVERecord?id=CVE-2024-26147" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26147", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26147" }, { "category": "external", "summary": "https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6", "url": "https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6" } ], "release_date": "2024-02-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-28T20:50:01+00:00", "details": "If you are using an earlier version of RHACS, you are advised to upgrade to release 4.4.", "product_ids": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1570" }, { "category": "workaround", "details": "If a malicious plugin has been added which is causing all Helm client commands to panic, the malicious plugin can be manually removed from the filesystem.\n\nIf using Helm SDK versions prior to 3.14.2, calls to affected functions can use recover to catch the panic.", "product_ids": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "helm: Missing YAML Content Leads To Panic" }, { "cve": "CVE-2024-28180", "cwe": { "id": "CWE-409", "name": "Improper Handling of Highly Compressed Data (Data Amplification)" }, "discovery_date": "2024-03-10T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2268854" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.", "title": "Vulnerability description" }, { "category": "summary", "text": "jose-go: improper handling of highly compressed data", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64" ], "known_not_affected": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-28180" }, { "category": "external", "summary": "RHBZ#2268854", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-28180", "url": "https://www.cve.org/CVERecord?id=CVE-2024-28180" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180" }, { "category": "external", "summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g", "url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g" } ], "release_date": "2024-03-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-03-28T20:50:01+00:00", "details": "If you are using an earlier version of RHACS, you are advised to upgrade to release 4.4.", "product_ids": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1570" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:52861bad043e0fa2e1e7be172b08c0b3677709c83da031bcf39a68c0b073607e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:73064e3e772937c74220e4c34b9554ce6e94b605e826283809815fba9abc4cd4_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78781d0ee31d25dc1d0ef33bbc7d6b7b4df413220dccf7cf3551755299b58594_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:0649b01e11098be6533ef4c64b1181108d06b21956d687f5c05c01cb3316f11e_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:1da693919b9e2f1ec16e7cd1217e5731979ac96d1b15db62ae62a5f0fb4a541f_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:f0384d3a958c89ae686ed8df2ff32485812c80f351110250960776ea6cfb6788_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:14ea4ba081a1c51d1b7ed98dd119cc139912b0eca9acfe566b971989e598b6a1_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:1f6eae080abc086069d0aa30f8d91709cdeea448860993f05f9eb69468ea46eb_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9434b2ffc9bb79e49f8a74d3715f91c3fd0e1a4a6f2f1a055dac54410aced9cf_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:94fcee9ac22671bd18be77381214665d9289151703a9ed78c29cee02b92612f4_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:bb3294d638f30c3e816779d0a058b462b12afc4e43f5f4fbc24dccfc995371ae_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:ccbde10e2270cb4e8a793e2c78caa4a2e77aa78f854f1719cc473cf87471aed4_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:3d7e870e5825b9a39f04d0d1b9c9a23879761686ed1a6d9c34687066d10b515a_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5539db4c0e808fb5b09e200db5600c980a51f1ca2161a2a8f61d94076fd48cc7_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d77d831b8791bb69b79b9943ac143db17a7a553032f1a4e1ea90b881bdbc384_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b47077680184e7f1aa63cd3a3bd59a8f641eb8d9d4ed3e12fa6dae308bb3aba0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c8ddf5f6c10f9a31137afb7f5939012ad88e9cca1172d980a5667bf62e37a01c_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:db29aec91e8e935fe39fcb467b360b2fb32cd7f3c36f9d48572c4e4778f06ba7_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:08a189b04c0657aa4cd442e5cf53f2de029895cf99f8aef449349b8da7bc2951_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4969d7ca6f85df7baa2dbd4ed02924e7a0f42aa67aa622d7013a11a25cdad000_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7bc8c0edd2f1cf0ce2994d581ae78fbbac052347a01b2b1b712fc5786d89927c_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0b3943c5432acba57b45290a07077f7fe629e3aec85f78196ea53361a9068ea5_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4232396739855b28215ef0685614faac042db973a403ea80c5cd032d05b208b0_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8f184c626a84a645f9971f6c4ea0363a3e97ecc687fd753c46e5a5f21e3802d1_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:c2e3453df971f050e4edf411be1c5ed898ea1ba1ce419d2f070d63acd21e202a_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ec39860ffcfc6c5b3d3aab9d5208a45a5a126e9769b5fd6a4fbfe3cb631b7650_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:f3ec22fdb078e88634361a5b069340a076e24964526753fcbf754815c8278670_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:13c3b7dffb0fbec9e67e754f19e04e593d9ed3ab3d73f3b23d55891d0118fec8_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a14bfa4d4cfcca3c6275db75498166955a59a104c6fee25a208114a9e0e53d4f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a18d2879c67d8dc059db6c5941221b19008564904d3662c942c571c9cd141b17_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:014ad6fad2d7a67d99ad964f8cd5898f6ca15de118b53c14d3ec22b3a040453f_amd64", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8396da0eecd45faf3993826ae1c44827eff90f65b0088a2a4862a7e97cde01ac_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e16399d543e858ea20d34b8af668e9d9c5426cb29978391783a01b81b8f34039_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:71f9e99cafd293ceffe9980c7b9a3de1fb1f6dd63c2799d4f8bc648791d6fb67_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:eeec1e4168d4088bbb44142e8b3e1ec26bd6e74a3a9c496e91c8e54f1b98e14b_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:fb10a0839bb4764dce98df236a6954035c4377e190d777dc4b141e157b609181_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:22920aca86f56bbba6ff10d1c5c736cefa894322197d9bbe507b3633c7edb6dc_s390x", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:8f15386daaadd8ed55739eb64e208427f9641d2b0063ddc7e3826a8e5c5604ba_ppc64le", "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:a4b63d240ed0581995a1cae527fce3b0e3ded6524c9083251f63d447f830e7f3_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jose-go: improper handling of highly compressed data" } ] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.