rhsa-2024_1859
Vulnerability from csaf_redhat
Published
2024-04-16 17:26
Modified
2024-09-18 08:26
Summary
Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.3.1 security and bug fix update
Notes
Topic
OpenShift API for Data Protection (OADP) 1.3.1 is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.
Security Fix(es) from Bugzilla:
* opentelemetry: DoS vulnerability in otelhttp (CVE-2023-45142)
* golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287)
* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)
* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
* golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)
* jose-go: improper handling of highly compressed data (CVE-2024-28180)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift API for Data Protection (OADP) 1.3.1 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.\n\nSecurity Fix(es) from Bugzilla:\n\n* opentelemetry: DoS vulnerability in otelhttp (CVE-2023-45142)\n\n* golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287)\n\n* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)\n\n* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\n* golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)\n\n* jose-go: improper handling of highly compressed data (CVE-2024-28180)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1859",
"url": "https://access.redhat.com/errata/RHSA-2024:1859"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2245180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245180"
},
{
"category": "external",
"summary": "2253193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253193"
},
{
"category": "external",
"summary": "2253330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253330"
},
{
"category": "external",
"summary": "2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "2268854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854"
},
{
"category": "external",
"summary": "OADP-1912",
"url": "https://issues.redhat.com/browse/OADP-1912"
},
{
"category": "external",
"summary": "OADP-2866",
"url": "https://issues.redhat.com/browse/OADP-2866"
},
{
"category": "external",
"summary": "OADP-3005",
"url": "https://issues.redhat.com/browse/OADP-3005"
},
{
"category": "external",
"summary": "OADP-3038",
"url": "https://issues.redhat.com/browse/OADP-3038"
},
{
"category": "external",
"summary": "OADP-3041",
"url": "https://issues.redhat.com/browse/OADP-3041"
},
{
"category": "external",
"summary": "OADP-3044",
"url": "https://issues.redhat.com/browse/OADP-3044"
},
{
"category": "external",
"summary": "OADP-3051",
"url": "https://issues.redhat.com/browse/OADP-3051"
},
{
"category": "external",
"summary": "OADP-3055",
"url": "https://issues.redhat.com/browse/OADP-3055"
},
{
"category": "external",
"summary": "OADP-3189",
"url": "https://issues.redhat.com/browse/OADP-3189"
},
{
"category": "external",
"summary": "OADP-3326",
"url": "https://issues.redhat.com/browse/OADP-3326"
},
{
"category": "external",
"summary": "OADP-3379",
"url": "https://issues.redhat.com/browse/OADP-3379"
},
{
"category": "external",
"summary": "OADP-3390",
"url": "https://issues.redhat.com/browse/OADP-3390"
},
{
"category": "external",
"summary": "OADP-3395",
"url": "https://issues.redhat.com/browse/OADP-3395"
},
{
"category": "external",
"summary": "OADP-3486",
"url": "https://issues.redhat.com/browse/OADP-3486"
},
{
"category": "external",
"summary": "OADP-3495",
"url": "https://issues.redhat.com/browse/OADP-3495"
},
{
"category": "external",
"summary": "OADP-3598",
"url": "https://issues.redhat.com/browse/OADP-3598"
},
{
"category": "external",
"summary": "OADP-3710",
"url": "https://issues.redhat.com/browse/OADP-3710"
},
{
"category": "external",
"summary": "OADP-3821",
"url": "https://issues.redhat.com/browse/OADP-3821"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1859.json"
}
],
"title": "Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.3.1 security and bug fix update",
"tracking": {
"current_release_date": "2024-09-18T08:26:20+00:00",
"generator": {
"date": "2024-09-18T08:26:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:1859",
"initial_release_date": "2024-04-16T17:26:06+00:00",
"revision_history": [
{
"date": "2024-04-16T17:26:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-04-16T17:26:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T08:26:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "9Base-OADP-1.3",
"product": {
"name": "9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_api_data_protection:1.3::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift API for Data Protection"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.1-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.1-53"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"product_id": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.1-59"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"product_id": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.1-40"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x",
"product_id": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.1-10"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.1-13"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.1-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.1-53"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"product_id": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.1-59"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"product_id": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.1-40"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"product_id": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.1-10"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.1-13"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.1-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.1-53"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"product_id": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.1-59"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"product_id": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.1-40"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"product_id": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.1-10"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.1-13"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.1-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.1-53"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"product_id": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.1-59"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"product_id": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.1-40"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"product_id": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.1-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.1-10"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.1-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.1-13"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39326",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-12-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2253330"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body (up to 1GiB), causing the receiver to fail reading the response, possibly leading to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39326"
},
{
"category": "external",
"summary": "RHBZ#2253330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39326",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39326"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2382",
"url": "https://pkg.go.dev/vuln/GO-2023-2382"
}
],
"release_date": "2023-12-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1859"
},
{
"category": "workaround",
"details": "No mitigation is available for this flaw.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests"
},
{
"cve": "CVE-2023-45142",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-10-19T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2245180"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak was found in the otelhttp handler of open-telemetry. This flaw allows a remote, unauthenticated attacker to exhaust the server\u0027s memory by sending many malicious requests, affecting the availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "opentelemetry: DoS vulnerability in otelhttp",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While no authentication is required, there are a significant number of non-default factors which prevent widespread exploitation of this flaw. For a service to be affected, all of the following must be true:\n* The go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp package must be in use\n* Configured a metrics pipeline which uses the otelhttp.NewHandler wrapper function\n* No filtering of unknown HTTP methods or user agents at a higher level (such as Content Delivery Network/Load Balancer/etc...)\n\nDue to the limited attack surface, Red Hat Product Security rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45142"
},
{
"category": "external",
"summary": "RHBZ#2245180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45142",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45142"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45142",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45142"
},
{
"category": "external",
"summary": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr",
"url": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr"
}
],
"release_date": "2023-10-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1859"
},
{
"category": "workaround",
"details": "As a workaround to stop being affected otelhttp.WithFilter() can be used.\n\nFor convenience and safe usage of this library, it should by default mark with the label unknown non-standard HTTP methods and User agents to show that such requests were made but do not increase cardinality. In case someone wants to stay with the current behavior, library API should allow to enable it.\n\nThe other possibility is to disable HTTP metrics instrumentation by passing otelhttp.WithMeterProvider option with noop.NewMeterProvider.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "opentelemetry: DoS vulnerability in otelhttp"
},
{
"cve": "CVE-2023-45287",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2023-12-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2253193"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Golang crypto/tls standard library. In previous versions, the package was vulnerable to a Timing Side Channel attack by observing the time it took for RSA-based TLS key exchanges, which was not constant. This flaw allows a malicious user to gather information from the environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified flaw in the Golang crypto/tls library, is assessed as a moderate severity issue rather than important due to several mitigating factors. Although the vulnerability exposes a Timing Side Channel, potentially allowing information retrieval through RSA-based TLS key exchanges, its exploitation demands significant access and expertise. Additionally, while earlier versions implemented RSA blinding to counter timing attacks, the removal of PKCS#1 padding may still leak timing data. However, the practicality of exploiting this flaw is limited, and the transition to a fully constant time RSA implementation in Go 1.20 significantly bolsters security, reducing the risk posed by timing side channels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45287"
},
{
"category": "external",
"summary": "RHBZ#2253193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45287"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2375",
"url": "https://pkg.go.dev/vuln/GO-2023-2375"
}
],
"release_date": "2023-12-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1859"
},
{
"category": "workaround",
"details": "No current mitigation is available for this vulnerability.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges."
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"discovery_date": "2023-12-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254210"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "RHBZ#2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7071748",
"url": "https://access.redhat.com/solutions/7071748"
},
{
"category": "external",
"summary": "https://terrapin-attack.com/",
"url": "https://terrapin-attack.com/"
}
],
"release_date": "2023-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1859"
},
{
"category": "workaround",
"details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
},
{
"cve": "CVE-2024-24786",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268046"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24786"
},
{
"category": "external",
"summary": "RHBZ#2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"category": "external",
"summary": "https://go.dev/cl/569356",
"url": "https://go.dev/cl/569356"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
"url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2611",
"url": "https://pkg.go.dev/vuln/GO-2024-2611"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1859"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
},
{
"cve": "CVE-2024-28180",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268854"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose-go: improper handling of highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28180"
},
{
"category": "external",
"summary": "RHBZ#2268854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g"
}
],
"release_date": "2024-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1859"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose-go: improper handling of highly compressed data"
}
]
}
Loading...