rhsa-2024_1859
Vulnerability from csaf_redhat
Published
2024-04-16 17:26
Modified
2024-11-07 02:04
Summary
Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.3.1 security and bug fix update
Notes
Topic
OpenShift API for Data Protection (OADP) 1.3.1 is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.
Security Fix(es) from Bugzilla:
* opentelemetry: DoS vulnerability in otelhttp (CVE-2023-45142)
* golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287)
* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)
* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
* golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)
* jose-go: improper handling of highly compressed data (CVE-2024-28180)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "OpenShift API for Data Protection (OADP) 1.3.1 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.\n\nSecurity Fix(es) from Bugzilla:\n\n* opentelemetry: DoS vulnerability in otelhttp (CVE-2023-45142)\n\n* golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges. (CVE-2023-45287)\n\n* golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests (CVE-2023-39326)\n\n* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)\n\n* golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)\n\n* jose-go: improper handling of highly compressed data (CVE-2024-28180)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:1859", "url": "https://access.redhat.com/errata/RHSA-2024:1859" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2245180", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245180" }, { "category": "external", "summary": "2253193", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253193" }, { "category": "external", "summary": "2253330", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253330" }, { "category": "external", "summary": "2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "2268046", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046" }, { "category": "external", "summary": "2268854", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854" }, { "category": "external", "summary": "OADP-1912", "url": "https://issues.redhat.com/browse/OADP-1912" }, { "category": "external", "summary": "OADP-2866", "url": "https://issues.redhat.com/browse/OADP-2866" }, { "category": "external", "summary": "OADP-3005", "url": "https://issues.redhat.com/browse/OADP-3005" }, { "category": "external", "summary": "OADP-3038", "url": "https://issues.redhat.com/browse/OADP-3038" }, { "category": "external", "summary": "OADP-3041", "url": "https://issues.redhat.com/browse/OADP-3041" }, { "category": "external", "summary": "OADP-3044", "url": "https://issues.redhat.com/browse/OADP-3044" }, { "category": "external", "summary": "OADP-3051", "url": "https://issues.redhat.com/browse/OADP-3051" }, { "category": "external", "summary": "OADP-3055", "url": "https://issues.redhat.com/browse/OADP-3055" }, { "category": "external", "summary": "OADP-3189", "url": "https://issues.redhat.com/browse/OADP-3189" }, { "category": "external", "summary": "OADP-3326", "url": "https://issues.redhat.com/browse/OADP-3326" }, { "category": "external", "summary": "OADP-3379", "url": "https://issues.redhat.com/browse/OADP-3379" }, { "category": "external", "summary": "OADP-3390", "url": "https://issues.redhat.com/browse/OADP-3390" }, { "category": "external", "summary": "OADP-3395", "url": "https://issues.redhat.com/browse/OADP-3395" }, { "category": "external", "summary": "OADP-3486", "url": "https://issues.redhat.com/browse/OADP-3486" }, { "category": "external", "summary": "OADP-3495", "url": "https://issues.redhat.com/browse/OADP-3495" }, { "category": "external", "summary": "OADP-3598", "url": "https://issues.redhat.com/browse/OADP-3598" }, { "category": "external", "summary": "OADP-3710", "url": "https://issues.redhat.com/browse/OADP-3710" }, { "category": "external", "summary": "OADP-3821", "url": "https://issues.redhat.com/browse/OADP-3821" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1859.json" } ], "title": "Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.3.1 security and bug fix update", "tracking": { "current_release_date": "2024-11-07T02:04:37+00:00", "generator": { "date": "2024-11-07T02:04:37+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2024:1859", "initial_release_date": "2024-04-16T17:26:06+00:00", "revision_history": [ { "date": "2024-04-16T17:26:06+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-04-16T17:26:06+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-07T02:04:37+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "9Base-OADP-1.3", "product": { "name": "9Base-OADP-1.3", "product_id": "9Base-OADP-1.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_api_data_protection:1.3::el9" } } } ], "category": "product_family", "name": "OpenShift API for Data Protection" }, { "branches": [ { "category": "product_version", "name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "product": { "name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "product_identification_helper": { "purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.1-13" } } }, { "category": "product_version", "name": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "product": { "name": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "product_id": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "product_identification_helper": { "purl": "pkg:oci/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.1-53" } } }, { "category": "product_version", "name": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "product": { "name": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "product_id": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "product_identification_helper": { "purl": "pkg:oci/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.1-59" } } }, { "category": "product_version", "name": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "product": { "name": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "product_id": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "product_identification_helper": { "purl": "pkg:oci/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.1-40" } } }, { "category": "product_version", "name": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x", "product": { "name": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x", "product_id": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.1-16" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "product": { "name": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "product_id": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.1-16" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "product": { "name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.1-10" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "product": { "name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.1-11" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "product": { "name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.1-11" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "product": { "name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.1-11" } } }, { "category": "product_version", "name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "product": { "name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.1-13" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "product": { "name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "product_identification_helper": { "purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.1-13" } } }, { "category": "product_version", "name": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "product": { "name": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "product_id": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "product_identification_helper": { "purl": "pkg:oci/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.1-53" } } }, { "category": "product_version", "name": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "product": { "name": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "product_id": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "product_identification_helper": { "purl": "pkg:oci/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.1-59" } } }, { "category": "product_version", "name": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "product": { "name": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "product_id": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "product_identification_helper": { "purl": "pkg:oci/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.1-40" } } }, { "category": "product_version", "name": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "product": { "name": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "product_id": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.1-16" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "product": { "name": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "product_id": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.1-16" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "product": { "name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.1-10" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "product": { "name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.1-11" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "product": { "name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.1-11" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "product": { "name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.1-11" } } }, { "category": "product_version", "name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "product": { "name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.1-13" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "product": { "name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "product_identification_helper": { "purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.1-13" } } }, { "category": "product_version", "name": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "product": { "name": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "product_id": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.1-53" } } }, { "category": "product_version", "name": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "product": { "name": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "product_id": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.1-59" } } }, { "category": "product_version", "name": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "product": { "name": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "product_id": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "product_identification_helper": { "purl": "pkg:oci/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.1-40" } } }, { "category": "product_version", "name": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "product": { "name": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "product_id": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.1-16" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "product": { "name": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "product_id": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.1-16" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "product": { "name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.1-10" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "product": { "name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.1-11" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "product": { "name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.1-11" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "product": { "name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.1-11" } } }, { "category": "product_version", "name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le", "product": { "name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le", "product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.1-13" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "product": { "name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "product_identification_helper": { "purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.1-13" } } }, { "category": "product_version", "name": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "product": { "name": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "product_id": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "product_identification_helper": { "purl": "pkg:oci/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.1-53" } } }, { "category": "product_version", "name": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "product": { "name": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "product_id": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "product_identification_helper": { "purl": "pkg:oci/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.1-59" } } }, { "category": "product_version", "name": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "product": { "name": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "product_id": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "product_identification_helper": { "purl": "pkg:oci/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.1-40" } } }, { "category": "product_version", "name": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "product": { "name": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "product_id": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.1-16" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "product": { "name": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "product_id": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.1-16" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "product": { "name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.1-10" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "product": { "name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.1-11" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "product": { "name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.1-11" } } }, { "category": "product_version", "name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "product": { "name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.1-11" } } }, { "category": "product_version", "name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "product": { "name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "product_identification_helper": { "purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.1-13" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le" }, "product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x" }, "product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64" }, "product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64" }, "product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64" }, "product_reference": "oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64" }, "product_reference": "oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le" }, "product_reference": "oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x" }, "product_reference": "oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64" }, "product_reference": "oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le" }, "product_reference": "oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x" }, "product_reference": "oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64" }, "product_reference": "oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64" }, "product_reference": "oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le" }, "product_reference": "oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x" }, "product_reference": "oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64" }, "product_reference": "oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x" }, "product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64" }, "product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64" }, "product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le" }, "product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x" }, "product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64" }, "product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64" }, "product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le" }, "product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64" }, "product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x" }, "product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le" }, "product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64" }, "product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64" }, "product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x" }, "product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le" }, "product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64" }, "product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x" }, "product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64" }, "product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64" }, "product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le" }, "product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64" }, "product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x" }, "product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64" }, "product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le" }, "product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64" }, "product_reference": "oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64 as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64" }, "product_reference": "oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le" }, "product_reference": "oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "relates_to_product_reference": "9Base-OADP-1.3" }, { "category": "default_component_of", "full_product_name": { "name": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x as a component of 9Base-OADP-1.3", "product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" }, "product_reference": "oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x", "relates_to_product_reference": "9Base-OADP-1.3" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-39326", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2023-12-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2253330" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body (up to 1GiB), causing the receiver to fail reading the response, possibly leading to a Denial of Service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ], "known_not_affected": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-39326" }, { "category": "external", "summary": "RHBZ#2253330", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253330" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39326", "url": "https://www.cve.org/CVERecord?id=CVE-2023-39326" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39326", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39326" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2023-2382", "url": "https://pkg.go.dev/vuln/GO-2023-2382" } ], "release_date": "2023-12-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-04-16T17:26:06+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1859" }, { "category": "workaround", "details": "No mitigation is available for this flaw.", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests" }, { "cve": "CVE-2023-45142", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2023-10-19T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2245180" } ], "notes": [ { "category": "description", "text": "A memory leak was found in the otelhttp handler of open-telemetry. This flaw allows a remote, unauthenticated attacker to exhaust the server\u0027s memory by sending many malicious requests, affecting the availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "opentelemetry: DoS vulnerability in otelhttp", "title": "Vulnerability summary" }, { "category": "other", "text": "While no authentication is required, there are a significant number of non-default factors which prevent widespread exploitation of this flaw. For a service to be affected, all of the following must be true:\n* The go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp package must be in use\n* Configured a metrics pipeline which uses the otelhttp.NewHandler wrapper function\n* No filtering of unknown HTTP methods or user agents at a higher level (such as Content Delivery Network/Load Balancer/etc...)\n\nDue to the limited attack surface, Red Hat Product Security rates the impact as Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64" ], "known_not_affected": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-45142" }, { "category": "external", "summary": "RHBZ#2245180", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245180" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-45142", "url": "https://www.cve.org/CVERecord?id=CVE-2023-45142" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45142", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45142" }, { "category": "external", "summary": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr", "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr" } ], "release_date": "2023-10-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-04-16T17:26:06+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1859" }, { "category": "workaround", "details": "As a workaround to stop being affected otelhttp.WithFilter() can be used.\n\nFor convenience and safe usage of this library, it should by default mark with the label unknown non-standard HTTP methods and User agents to show that such requests were made but do not increase cardinality. In case someone wants to stay with the current behavior, library API should allow to enable it.\n\nThe other possibility is to disable HTTP metrics instrumentation by passing otelhttp.WithMeterProvider option with noop.NewMeterProvider.", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "opentelemetry: DoS vulnerability in otelhttp" }, { "cve": "CVE-2023-45287", "cwe": { "id": "CWE-208", "name": "Observable Timing Discrepancy" }, "discovery_date": "2023-12-05T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2253193" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Golang crypto/tls standard library. In previous versions, the package was vulnerable to a Timing Side Channel attack by observing the time it took for RSA-based TLS key exchanges, which was not constant. This flaw allows a malicious user to gather information from the environment.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges.", "title": "Vulnerability summary" }, { "category": "other", "text": "The identified flaw in the Golang crypto/tls library, is assessed as a moderate severity issue rather than important due to several mitigating factors. Although the vulnerability exposes a Timing Side Channel, potentially allowing information retrieval through RSA-based TLS key exchanges, its exploitation demands significant access and expertise. Additionally, while earlier versions implemented RSA blinding to counter timing attacks, the removal of PKCS#1 padding may still leak timing data. However, the practicality of exploiting this flaw is limited, and the transition to a fully constant time RSA implementation in Go 1.20 significantly bolsters security, reducing the risk posed by timing side channels.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ], "known_not_affected": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-45287" }, { "category": "external", "summary": "RHBZ#2253193", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253193" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-45287", "url": "https://www.cve.org/CVERecord?id=CVE-2023-45287" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45287", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45287" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2023-2375", "url": "https://pkg.go.dev/vuln/GO-2023-2375" } ], "release_date": "2023-12-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-04-16T17:26:06+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1859" }, { "category": "workaround", "details": "No current mitigation is available for this vulnerability.", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges." }, { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "discovery_date": "2023-12-12T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2254210" } ], "notes": [ { "category": "description", "text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ], "known_not_affected": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-48795" }, { "category": "external", "summary": "RHBZ#2254210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795", "url": "https://www.cve.org/CVERecord?id=CVE-2023-48795" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795" }, { "category": "external", "summary": "https://access.redhat.com/solutions/7071748", "url": "https://access.redhat.com/solutions/7071748" }, { "category": "external", "summary": "https://terrapin-attack.com/", "url": "https://terrapin-attack.com/" } ], "release_date": "2023-12-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-04-16T17:26:06+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1859" }, { "category": "workaround", "details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)" }, { "cve": "CVE-2024-24786", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2024-03-06T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2268046" } ], "notes": [ { "category": "description", "text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ], "known_not_affected": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-24786" }, { "category": "external", "summary": "RHBZ#2268046", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24786" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786" }, { "category": "external", "summary": "https://go.dev/cl/569356", "url": "https://go.dev/cl/569356" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/", "url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2024-2611", "url": "https://pkg.go.dev/vuln/GO-2024-2611" } ], "release_date": "2024-03-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-04-16T17:26:06+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1859" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON" }, { "cve": "CVE-2024-28180", "cwe": { "id": "CWE-409", "name": "Improper Handling of Highly Compressed Data (Data Amplification)" }, "discovery_date": "2024-03-10T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2268854" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.", "title": "Vulnerability description" }, { "category": "summary", "text": "jose-go: improper handling of highly compressed data", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le" ], "known_not_affected": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-28180" }, { "category": "external", "summary": "RHBZ#2268854", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-28180", "url": "https://www.cve.org/CVERecord?id=CVE-2024-28180" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180" }, { "category": "external", "summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g", "url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g" } ], "release_date": "2024-03-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-04-16T17:26:06+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:1859" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:42dc13f4c214cf2785207914495887794a948f968ebe72495346ddff7ba94e52_ppc64le", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:4ec3d45a232dc0478ea0194e8d044284633bfe59e37e8e754e01570bfa633528_s390x", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:52197469936ad5b710057f3ae17f58de1432af83923ccded9bdc291bff3a2d9a_arm64", "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:9a2144f707c9cf35e35145e3f49898c32bc5c390af180808464fe8614a93c1b6_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:2b5e5dd83ba18ab639c1307c35cc34fbad7c59648315df3341449daac9f7588c_amd64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:388055859d06499407148e9aaa52d15da3118b123a2c89ca9220e9466518ef07_arm64", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:61f624d5b4a78decaed3d74edf56217ad50e8967a8e4637a2ee08f424b74f12c_ppc64le", "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:a9c5c60ddbaee035f2b535787d3bf469b4131b4439a023dd41339db86d546dfc_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:3c63b4bbf5c70b63694784857d7e4d962a5a6caddd8f62ecfb9153b861c48e55_arm64", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:82613d64c36cc435063ec02f0e3dd2edabbeb7a85763151011b6e4e617fe4b8f_ppc64le", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d1fb5950f18428d88df190793f33c68f27772fd8d867582e7ed265d631ac20d9_s390x", "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:d3f0997772e9e28eba7d1424bf1ea2a5790ccdc43e0823d95866941797fd064b_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:0b824b48cc2078d31f6ac1db1b78045e08064850d95e7363f6c9e2b33c9436ee_amd64", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:52de391f9eec3f6746e1d3f3cbbfa004a552a5c27a2983d303d18208a39cc697_ppc64le", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:699a655022299b71e8ea2d67d84cd026228127d3e7f4e00f74caf713cf28f867_s390x", "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:7384faa57528c04e270f4a0599c99478d96de6c77a6759188e370e480261ac7b_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:0974f65696e98c806c14e6812cf3292ab03a0b621714e7f091d7e326a7ebb77b_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2c176efaabf984947fb66bb33d14a637f66f06f9e7f3f7423b7fccec045a7a52_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:716cec49a663d87eff7eaf9ddc948d2861645d601a2e15605cb660c9f98ab489_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c1758a4e31ed5d623b1fd9ab8deb99a15da0584a178ef120e64ad15b9fb6a931_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:436b76db12ba27ccafcddc38469cc2adff20d0c72e334240af84d4e8a3011c25_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:9833ca3b1b53eccc9de4e117bef53bb94d5be02d89bed222ef80dcd221bc1b18_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:b4c014e340a80ad67b422eb1d72adce21b6a01104ef6eb9225531e50c8cddb62_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:bcd29d854e51b5a154d77134b78c6338cdb638c58cd1548704f02dddec00c6e6_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:1e1f9e277ceeed8be865abd424747a2a777806cde2195599e4ea9f0e787ad359_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4a4aeb844a7f119253763012771abce649f8b7bbdcb326f4714e72d1e318b33a_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b80b98a43c128ff17e8ba9eb80622d01c280d5ddba66e67de85cb73e415a5a8d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:fd56ce05bbd9c6786923df9ee34efe4f6b7d1bde979705cfcd7b4d30bbc1dca1_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:24f6efdc0e3964ab1efee6e053551614de282e6bed90e9d14273cf284b20c307_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7f474a4831a010dc097de146c728538d5e8504305afd1dee08d41c2283ba30ef_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a6b9816bbba897897f632c119579f7101a4b9c72fc2a2a86e917bc47fabded1d_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb7f2faab19f9386d10b7bde2395ce8cdd24e4a8dbb4ee8f052586785ac74063_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:0b8e9b27c4739840c054d6c7260a268ae925ad404c04b74c1a543efeb84679db_arm64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:6037459145f67f201c49ebd87e82717bf8acc8c6118468038a0a040e3994ca75_s390x", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:c9d88e0b4a3b15665a6c55a406174bc905c3ba0d18a9b9496923884c8d1b0176_amd64", "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d0eefa6d731af31e2910b7af4c250dd6d7e91be0cef03d9d65aa130957094990_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:02f194caab292aea9bcbb22556fca8e2d7d893a629e6e56097501501fbff7ba7_amd64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:434d8810953c3688637f478d2fee765741997332ae0efe549384645cdfc722fe_arm64", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:d0089d7ff8f5376ad45981e7c727685c9101b0281720e4abab140af757d5b105_ppc64le", "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:f31751d570d089ff7165c81727221e66c8f4e75876ea367683e9c68f03778a79_s390x" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:4df78ca988726cc65fba06f8c3d8fcd13fa324ea04a036aaa7177cc17695e6bf_s390x", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:60e958b76093fd05be6d93785f709338c66e95a86551dd317242e25b954a6c55_amd64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:98d78b8dcc1a7cda1a4845c40a9799018cdbc77846ea530ac9bbf88c86a9c209_arm64", "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:eee8a3d43761e95adb3288512c5598a723ca5e7d985470ee202797b863618522_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jose-go: improper handling of highly compressed data" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.