RHSA-2024_1901
Vulnerability from csaf_redhat - Published: 2024-04-18 07:17 - Updated: 2024-12-17 22:39Summary
Red Hat Security Advisory: Red Hat Service Interconnect 1.5.3 Release (images)
Severity
Moderate
Notes
Topic: OpenShift container images for the Red Hat Service Interconnect 1.5 release.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details: Red Hat Service Interconnect 1.5 creates a service network, linking
TCP and HTTP services across the hybrid cloud.
A service network enables communication between services running in different network locations or sites.
It allows geographically distributed services to connect as if they were all running in the same site.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Golang. The html/template package did not properly handle HMTL-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This issue may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped.
6.1 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.
6.1 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.
7.5 (High)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.
7.5 (High)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body (up to 1GiB), causing the receiver to fail reading the response, possibly leading to a Denial of Service (DoS).
5.3 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Golang crypto/tls standard library. In previous versions, the package was vulnerable to a Timing Side Channel attack by observing the time it took for RSA-based TLS key exchanges, which was not constant. This flaw allows a malicious user to gather information from the environment.
7.5 (High)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
51 references
Acknowledgments
GMO Cybersecurity by Ierae, Inc.
Takeshi Kaneko
Martin Seemann
Marten Seemann
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift container images for the Red Hat Service Interconnect 1.5 release.\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Service Interconnect 1.5 creates a service network, linking\nTCP and HTTP services across the hybrid cloud.\nA service network enables communication between services running in different network locations or sites.\nIt allows geographically distributed services to connect as if they were all running in the same site.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1901",
"url": "https://access.redhat.com/errata/RHSA-2024:1901"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_service_interconnect/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_service_interconnect/"
},
{
"category": "external",
"summary": "2237773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
},
{
"category": "external",
"summary": "2237776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
},
{
"category": "external",
"summary": "2237777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
},
{
"category": "external",
"summary": "2237778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
},
{
"category": "external",
"summary": "2253193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253193"
},
{
"category": "external",
"summary": "2253330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253330"
},
{
"category": "external",
"summary": "SKUPPER-1304",
"url": "https://issues.redhat.com/browse/SKUPPER-1304"
},
{
"category": "external",
"summary": "SKUPPER-1338",
"url": "https://issues.redhat.com/browse/SKUPPER-1338"
},
{
"category": "external",
"summary": "SKUPPER-1463",
"url": "https://issues.redhat.com/browse/SKUPPER-1463"
},
{
"category": "external",
"summary": "SKUPPER-976",
"url": "https://issues.redhat.com/browse/SKUPPER-976"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1901.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Service Interconnect 1.5.3 Release (images)",
"tracking": {
"current_release_date": "2024-12-17T22:39:14+00:00",
"generator": {
"date": "2024-12-17T22:39:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:1901",
"initial_release_date": "2024-04-18T07:17:25+00:00",
"revision_history": [
{
"date": "2024-04-18T07:17:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-04-18T07:17:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:39:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Service Interconnect 1",
"product": {
"name": "Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_interconnect:1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Service Interconnect"
},
{
"branches": [
{
"category": "product_version",
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"product": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.5.3-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"product": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.5.3-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"product": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.5.3-2"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"product": {
"name": "service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"product_id": "service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-operator-bundle\u0026tag=1.5.3-3"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"product": {
"name": "service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"product_id": "service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.5.1-2"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"product": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.5.3-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"product": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.5.3-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"product": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.5.3-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"product": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.5.3-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"product": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.5.3-2"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"product": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.5.3-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"product": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.5.3-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"product": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.5.3-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"product": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.5.3-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"product": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.5.3-2"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"product": {
"name": "service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"product_id": "service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-operator-bundle\u0026tag=1.5.3-3"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"product": {
"name": "service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"product_id": "service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.5.1-2"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"product": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.5.3-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64",
"product": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64",
"product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.5.3-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"product": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.5.3-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"product": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.5.3-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"product": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.5.3-2"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"product": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.5.3-1"
}
}
},
{
"category": "product_version",
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"product": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.5.3-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64"
},
"product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le"
},
"product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x"
},
"product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64"
},
"product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64"
},
"product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64"
},
"product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x"
},
"product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le"
},
"product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le"
},
"product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x"
},
"product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64"
},
"product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64"
},
"product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64"
},
"product_reference": "service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64"
},
"product_reference": "service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64"
},
"product_reference": "service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64"
},
"product_reference": "service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64"
},
"product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64"
},
"product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le"
},
"product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x"
},
"product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le"
},
"product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64"
},
"product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x"
},
"product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64 as a component of Red Hat Service Interconnect 1",
"product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
},
"product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64",
"relates_to_product_reference": "9Base-Service-Interconnect-1"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39318",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237776"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not properly handle HMTL-like \"\u003c!--\" and \"--\u003e\" comment tokens, nor hashbang \"#!\" comment tokens, in \u003cscript\u003e contexts. This issue may cause the template parser to improperly interpret the contents of \u003cscript\u003e contexts, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of HTML-like comments within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39318"
},
{
"category": "external",
"summary": "RHBZ#2237776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318"
},
{
"category": "external",
"summary": "https://go.dev/cl/526156",
"url": "https://go.dev/cl/526156"
},
{
"category": "external",
"summary": "https://go.dev/issue/62196",
"url": "https://go.dev/issue/62196"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2041.json",
"url": "https://vuln.go.dev/ID/GO-2023-2041.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-18T07:17:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of HTML-like comments within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39319",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237773"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of \"\u003cscript\", \"\u003c!--\", and \"\u003c/script\" within JS literals in \u003cscript\u003e contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of special tags within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39319"
},
{
"category": "external",
"summary": "RHBZ#2237773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319"
},
{
"category": "external",
"summary": "https://go.dev/cl/526157",
"url": "https://go.dev/cl/526157"
},
{
"category": "external",
"summary": "https://go.dev/issue/62197",
"url": "https://go.dev/issue/62197"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2043.json",
"url": "https://vuln.go.dev/ID/GO-2023-2043.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-18T07:17:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of special tags within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Martin Seemann"
]
}
],
"cve": "CVE-2023-39321",
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237777"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39321"
},
{
"category": "external",
"summary": "RHBZ#2237777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2044.json",
"url": "https://vuln.go.dev/ID/GO-2023-2044.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-18T07:17:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections"
},
{
"acknowledgments": [
{
"names": [
"Marten Seemann"
]
}
],
"cve": "CVE-2023-39322",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237778"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: lack of a limit on buffered post-handshake",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39322"
},
{
"category": "external",
"summary": "RHBZ#2237778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2045.json",
"url": "https://vuln.go.dev/ID/GO-2023-2045.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-18T07:17:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1901"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: lack of a limit on buffered post-handshake"
},
{
"cve": "CVE-2023-39326",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2253330"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body (up to 1GiB), causing the receiver to fail reading the response, possibly leading to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39326"
},
{
"category": "external",
"summary": "RHBZ#2253330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39326",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39326"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2382",
"url": "https://pkg.go.dev/vuln/GO-2023-2382"
}
],
"release_date": "2023-12-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-18T07:17:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1901"
},
{
"category": "workaround",
"details": "No mitigation is available for this flaw.",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests"
},
{
"cve": "CVE-2023-45287",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2023-12-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2253193"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Golang crypto/tls standard library. In previous versions, the package was vulnerable to a Timing Side Channel attack by observing the time it took for RSA-based TLS key exchanges, which was not constant. This flaw allows a malicious user to gather information from the environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified flaw in the Golang crypto/tls library, is assessed as a moderate severity issue rather than important due to several mitigating factors. Although the vulnerability exposes a Timing Side Channel, potentially allowing information retrieval through RSA-based TLS key exchanges, its exploitation demands significant access and expertise. Additionally, while earlier versions implemented RSA blinding to counter timing attacks, the removal of PKCS#1 padding may still leak timing data. However, the practicality of exploiting this flaw is limited, and the transition to a fully constant time RSA implementation in Go 1.20 significantly bolsters security, reducing the risk posed by timing side channels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45287"
},
{
"category": "external",
"summary": "RHBZ#2253193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45287",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45287"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-2375",
"url": "https://pkg.go.dev/vuln/GO-2023-2375"
}
],
"release_date": "2023-12-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-04-18T07:17:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1901"
},
{
"category": "workaround",
"details": "No current mitigation is available for this vulnerability.",
"product_ids": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:180140ab08a50b95fd982a87a6ddac0968acf7e5f704a43542537c3a9b9ddaad_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:69e6c14c9d843d31009ae19cd295596abb8d344736f1f97e6ffcefa66b5c7abc_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:734ae2301b21d7e918baf0611c48edd115d1381e815a39a241fe577d7b2e3491_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:8140748eb1a371b066bedc10a34af1159a15767e316db65d6b3d1f58378bdd68_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:4cad86929f84fae53bfbaf15e540492c23e9b89b0e668585e393b684367c039d_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:68d4cb3134f36ed18dbb93bfa08979cbff7f96d635f6a8ae2e0cc58a28a04e1b_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:74ecd321293c273e97a0fc905e144db58d5a64b0baeee149dd0cbb8b3335860f_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:b0d2c06e613c738062077560c426a770398aebd75aa0ffbc28c41542cc64312a_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:041afed1637a46f653aec15f852c940f20ec37080cc42efe0fc4aebfb72799d5_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:1f332712d5b57601d6aa572635e5d6b57b710a3ace753e8c259dc2538d492b3c_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:7dc11addf5b8c1bf12462546cc1ef6a5bba3b8958f24f2f2fa3c788ea4a38dd4_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8d702f52efb148f5b9fc4f42b3259dc08ad50fd0231316bb0a37e82e4631b066_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:b519fc58904f982ab0e04bf5e799c23b0a8e929f0439cd423dc8dcfd51605932_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:d55852cc4e6dd6324a4c633c39e0858cef5bd7d80df74a0a202eda2299525ce2_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:60f5322bad7f9a67ecfcac6266c002d1c48946f5b34245e495a81e67b4656e5f_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:7872ce2d68624c4c4b750152fd56661637fc62207ad8330baa61d05e09019bdb_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:73cfb86ea5d01d0c4d729a03f9a8ae701a9d53d3f005673237704adb05414632_arm64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d6f6111e7931995eb31dce83a4ece50dae0d82a5654ac534c6e17f0ccf02a641_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bd1db12c604efa1a12f8106dca9308ce80be40fb5552a46470969dab1b1c97_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:d9bde8b8ae60e36b7e13efb7a1dd1412e534143269d568e4072fa79b75706021_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:906e593e142ac5b9b11c618a96933e00fa6adb94744f9de46912debd0f78f90b_ppc64le",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:a3c31b3d93a3157de6793b35a4fc9234942aea79797e94bd13f2f994d4aea175_amd64",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:d7ef2b4309851199a3a9b1a533d9b2f8ebf2749114d1f5024a39d4a10b038e1e_s390x",
"9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f465001e8c2cb1369db5f2c109aa3ea0e6ff3d76b670f47ffcf54d35e216a08c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: Timing Side Channel attack in RSA based TLS key exchanges."
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…