rhsa-2024_2815
Vulnerability from csaf_redhat
Published
2024-05-10 19:06
Modified
2024-09-18 13:42
Summary
Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.11.4 security update
Notes
Topic
An update is now available for Red Hat OpenShift GitOps v1.11.4 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Errata Advisory for Red Hat OpenShift GitOps v1.11.4.
Security Fix(es):
* argo-cd: webpack-dev-middleware: lack of URL validation may lead to file leak (CVE-2024-29180)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
1. Fix for a critical bug reported by customers where IgnoreDifferences Option in Sync Options was not working for array fields in ArgoCD. This fix will allow the users to ignore specific fields in the array when specified in ignoreDifferences during Sync.
2. A fix that enables customer to add clusters hosted on GCP to ArgoCD.
3. An important customer fix that ensures that Argo CD correctly reports support for these host key algorithms during the handshake process, allowing the pull from Azure DevOps Repos to succeed.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift GitOps v1.11.4 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Errata Advisory for Red Hat OpenShift GitOps v1.11.4.\n\nSecurity Fix(es):\n\n* argo-cd: webpack-dev-middleware: lack of URL validation may lead to file leak (CVE-2024-29180)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n1. Fix for a critical bug reported by customers where IgnoreDifferences Option in Sync Options was not working for array fields in ArgoCD. This fix will allow the users to ignore specific fields in the array when specified in ignoreDifferences during Sync.\n\n2. A fix that enables customer to add clusters hosted on GCP to ArgoCD.\n\n3. An important customer fix that ensures that Argo CD correctly reports support for these host key algorithms during the handshake process, allowing the pull from Azure DevOps Repos to succeed.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2815",
"url": "https://access.redhat.com/errata/RHSA-2024:2815"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.openshift.com/gitops/1.11/release_notes/gitops-release-notes.html",
"url": "https://docs.openshift.com/gitops/1.11/release_notes/gitops-release-notes.html"
},
{
"category": "external",
"summary": "https://docs.openshift.com/gitops/1.11/understanding_openshift_gitops/about-redhat-openshift-gitops.html",
"url": "https://docs.openshift.com/gitops/1.11/understanding_openshift_gitops/about-redhat-openshift-gitops.html"
},
{
"category": "external",
"summary": "2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "GITOPS-3736",
"url": "https://issues.redhat.com/browse/GITOPS-3736"
},
{
"category": "external",
"summary": "GITOPS-4226",
"url": "https://issues.redhat.com/browse/GITOPS-4226"
},
{
"category": "external",
"summary": "GITOPS-4358",
"url": "https://issues.redhat.com/browse/GITOPS-4358"
},
{
"category": "external",
"summary": "GITOPS-4513",
"url": "https://issues.redhat.com/browse/GITOPS-4513"
},
{
"category": "external",
"summary": "GITOPS-4543",
"url": "https://issues.redhat.com/browse/GITOPS-4543"
},
{
"category": "external",
"summary": "GITOPS-4645",
"url": "https://issues.redhat.com/browse/GITOPS-4645"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_2815.json"
}
],
"title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.11.4 security update",
"tracking": {
"current_release_date": "2024-09-18T13:42:57+00:00",
"generator": {
"date": "2024-09-18T13:42:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:2815",
"initial_release_date": "2024-05-10T19:06:29+00:00",
"revision_history": [
{
"date": "2024-05-10T19:06:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-10T19:06:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T13:42:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.11",
"product": {
"name": "Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.11::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:89ed0b3af1445d4e518bdb587193300c5b4fa10807f66355ae39cfafb8e7410c_arm64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:89ed0b3af1445d4e518bdb587193300c5b4fa10807f66355ae39cfafb8e7410c_arm64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:89ed0b3af1445d4e518bdb587193300c5b4fa10807f66355ae39cfafb8e7410c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:89ed0b3af1445d4e518bdb587193300c5b4fa10807f66355ae39cfafb8e7410c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ea5ba2ed0a48e249b413d234a09bc0b7b82127078bbf37b6c183d31625cb6dc8_arm64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ea5ba2ed0a48e249b413d234a09bc0b7b82127078bbf37b6c183d31625cb6dc8_arm64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ea5ba2ed0a48e249b413d234a09bc0b7b82127078bbf37b6c183d31625cb6dc8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:ea5ba2ed0a48e249b413d234a09bc0b7b82127078bbf37b6c183d31625cb6dc8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:7d673f63ef8945f66a751b901fa1cc60d12e56961ab8c004a5fd396d7d282bf0_arm64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:7d673f63ef8945f66a751b901fa1cc60d12e56961ab8c004a5fd396d7d282bf0_arm64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:7d673f63ef8945f66a751b901fa1cc60d12e56961ab8c004a5fd396d7d282bf0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:7d673f63ef8945f66a751b901fa1cc60d12e56961ab8c004a5fd396d7d282bf0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:705424f8b1e5f6062fa659cdf5c9224263f5d5976aef522adbc907b000a7df0e_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:705424f8b1e5f6062fa659cdf5c9224263f5d5976aef522adbc907b000a7df0e_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:705424f8b1e5f6062fa659cdf5c9224263f5d5976aef522adbc907b000a7df0e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:705424f8b1e5f6062fa659cdf5c9224263f5d5976aef522adbc907b000a7df0e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:a537c13f6444058fad3fd903952eb1e2b61d8bd43ba3fcfd7511ad52cb6b0fbf_arm64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:a537c13f6444058fad3fd903952eb1e2b61d8bd43ba3fcfd7511ad52cb6b0fbf_arm64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:a537c13f6444058fad3fd903952eb1e2b61d8bd43ba3fcfd7511ad52cb6b0fbf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:a537c13f6444058fad3fd903952eb1e2b61d8bd43ba3fcfd7511ad52cb6b0fbf?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c279444dc5b611c1b5a5dcbcdc4912ef2accc92387618261f696bd9577af2c68_arm64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c279444dc5b611c1b5a5dcbcdc4912ef2accc92387618261f696bd9577af2c68_arm64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:c279444dc5b611c1b5a5dcbcdc4912ef2accc92387618261f696bd9577af2c68_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:c279444dc5b611c1b5a5dcbcdc4912ef2accc92387618261f696bd9577af2c68?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:35eb5b33006c2a70002b70f8fe076d8061cec6cfc7bdcf699e8bfd8fda64e210_arm64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:35eb5b33006c2a70002b70f8fe076d8061cec6cfc7bdcf699e8bfd8fda64e210_arm64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:35eb5b33006c2a70002b70f8fe076d8061cec6cfc7bdcf699e8bfd8fda64e210_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:35eb5b33006c2a70002b70f8fe076d8061cec6cfc7bdcf699e8bfd8fda64e210?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:36e65a2fdb47fa6e6352d2c4ba97d739390804acf45846d7d46e1ed39b58f9ce_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:36e65a2fdb47fa6e6352d2c4ba97d739390804acf45846d7d46e1ed39b58f9ce_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:36e65a2fdb47fa6e6352d2c4ba97d739390804acf45846d7d46e1ed39b58f9ce_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:36e65a2fdb47fa6e6352d2c4ba97d739390804acf45846d7d46e1ed39b58f9ce?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.4-7"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:21afa76182bb4d58037b1709f46fa0600bcaaa14f1a98635fc0f41b06912925c_ppc64le",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:21afa76182bb4d58037b1709f46fa0600bcaaa14f1a98635fc0f41b06912925c_ppc64le",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:21afa76182bb4d58037b1709f46fa0600bcaaa14f1a98635fc0f41b06912925c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:21afa76182bb4d58037b1709f46fa0600bcaaa14f1a98635fc0f41b06912925c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bdd0bb4fb7deefedde48b96c1bf400c0159869ae0a18658aaf93c5bd34bcfe8b_ppc64le",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bdd0bb4fb7deefedde48b96c1bf400c0159869ae0a18658aaf93c5bd34bcfe8b_ppc64le",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bdd0bb4fb7deefedde48b96c1bf400c0159869ae0a18658aaf93c5bd34bcfe8b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:bdd0bb4fb7deefedde48b96c1bf400c0159869ae0a18658aaf93c5bd34bcfe8b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:05bba5a2ff04847ff2c0620af26c87f4dfaac91a290dab37eb4425cfc6157923_ppc64le",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:05bba5a2ff04847ff2c0620af26c87f4dfaac91a290dab37eb4425cfc6157923_ppc64le",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:05bba5a2ff04847ff2c0620af26c87f4dfaac91a290dab37eb4425cfc6157923_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:05bba5a2ff04847ff2c0620af26c87f4dfaac91a290dab37eb4425cfc6157923?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:388f2d08833e70aefd6e840582f7483ac0ce2eb271bc490d1a2c73f5dd5f5576_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:388f2d08833e70aefd6e840582f7483ac0ce2eb271bc490d1a2c73f5dd5f5576_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:388f2d08833e70aefd6e840582f7483ac0ce2eb271bc490d1a2c73f5dd5f5576_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:388f2d08833e70aefd6e840582f7483ac0ce2eb271bc490d1a2c73f5dd5f5576?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:0f7c37902ff30d274e43cfa6709a9bfeee4fe05372b0749a2c0b75830508c882_ppc64le",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:0f7c37902ff30d274e43cfa6709a9bfeee4fe05372b0749a2c0b75830508c882_ppc64le",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:0f7c37902ff30d274e43cfa6709a9bfeee4fe05372b0749a2c0b75830508c882_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:0f7c37902ff30d274e43cfa6709a9bfeee4fe05372b0749a2c0b75830508c882?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:fdad9093445ce4b8122dc804ff7ae9b6195cd7c5beac953e8fc4038a344ed533_ppc64le",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:fdad9093445ce4b8122dc804ff7ae9b6195cd7c5beac953e8fc4038a344ed533_ppc64le",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:fdad9093445ce4b8122dc804ff7ae9b6195cd7c5beac953e8fc4038a344ed533_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:fdad9093445ce4b8122dc804ff7ae9b6195cd7c5beac953e8fc4038a344ed533?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:4c64fc396faa8f91e0d37a7d99fb4ec340e93961ac27dd9efb408878534fee92_ppc64le",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:4c64fc396faa8f91e0d37a7d99fb4ec340e93961ac27dd9efb408878534fee92_ppc64le",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:4c64fc396faa8f91e0d37a7d99fb4ec340e93961ac27dd9efb408878534fee92_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:4c64fc396faa8f91e0d37a7d99fb4ec340e93961ac27dd9efb408878534fee92?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:e594459645c4584a6f0e479f15b109f5dff0ffa51510879638a57a90b0a41858_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:e594459645c4584a6f0e479f15b109f5dff0ffa51510879638a57a90b0a41858_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:e594459645c4584a6f0e479f15b109f5dff0ffa51510879638a57a90b0a41858_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:e594459645c4584a6f0e479f15b109f5dff0ffa51510879638a57a90b0a41858?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.4-7"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:4f6122194bee9ef5f62c1c19784dbef2acc13ad598a68c6049dfd3ce2a830089_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:4f6122194bee9ef5f62c1c19784dbef2acc13ad598a68c6049dfd3ce2a830089_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:4f6122194bee9ef5f62c1c19784dbef2acc13ad598a68c6049dfd3ce2a830089_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:4f6122194bee9ef5f62c1c19784dbef2acc13ad598a68c6049dfd3ce2a830089?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:930382e80334938d8c77c535e5902a21e739b4c85b6ec3e7594d1f974d215d68_amd64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:930382e80334938d8c77c535e5902a21e739b4c85b6ec3e7594d1f974d215d68_amd64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:930382e80334938d8c77c535e5902a21e739b4c85b6ec3e7594d1f974d215d68_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:930382e80334938d8c77c535e5902a21e739b4c85b6ec3e7594d1f974d215d68?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:638def92b1eb97ab9ec59b0c535a651f5cb42992fca30a51d347684831ccff48_amd64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:638def92b1eb97ab9ec59b0c535a651f5cb42992fca30a51d347684831ccff48_amd64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:638def92b1eb97ab9ec59b0c535a651f5cb42992fca30a51d347684831ccff48_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:638def92b1eb97ab9ec59b0c535a651f5cb42992fca30a51d347684831ccff48?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:6ed362945bd2aba3651d4bf65e859abe5a02e22fa536820f52e5e4ce7fd344ed_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:6ed362945bd2aba3651d4bf65e859abe5a02e22fa536820f52e5e4ce7fd344ed_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:6ed362945bd2aba3651d4bf65e859abe5a02e22fa536820f52e5e4ce7fd344ed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:6ed362945bd2aba3651d4bf65e859abe5a02e22fa536820f52e5e4ce7fd344ed?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:de2e79f849a8bba66dbf66b72b5eceb8c8b92f15d511c049aec251fa6a4d222d_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:de2e79f849a8bba66dbf66b72b5eceb8c8b92f15d511c049aec251fa6a4d222d_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:de2e79f849a8bba66dbf66b72b5eceb8c8b92f15d511c049aec251fa6a4d222d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:de2e79f849a8bba66dbf66b72b5eceb8c8b92f15d511c049aec251fa6a4d222d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e2a5884b0cdd1e9d1204e1731bf42eba7f270eebb62c5e3a18eafa7fc422a3ed_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e2a5884b0cdd1e9d1204e1731bf42eba7f270eebb62c5e3a18eafa7fc422a3ed_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:e2a5884b0cdd1e9d1204e1731bf42eba7f270eebb62c5e3a18eafa7fc422a3ed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:e2a5884b0cdd1e9d1204e1731bf42eba7f270eebb62c5e3a18eafa7fc422a3ed?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:4edbd07b7512d83767a78841c04a498dc76b58db286a349ddcb900c7232031a2_amd64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:4edbd07b7512d83767a78841c04a498dc76b58db286a349ddcb900c7232031a2_amd64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:4edbd07b7512d83767a78841c04a498dc76b58db286a349ddcb900c7232031a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:4edbd07b7512d83767a78841c04a498dc76b58db286a349ddcb900c7232031a2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:d8d9a224745f1952819cf831620d5b4ef08f905d80b33d66e4043e5b0163b06a_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:d8d9a224745f1952819cf831620d5b4ef08f905d80b33d66e4043e5b0163b06a_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:d8d9a224745f1952819cf831620d5b4ef08f905d80b33d66e4043e5b0163b06a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:d8d9a224745f1952819cf831620d5b4ef08f905d80b33d66e4043e5b0163b06a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:9720f6e2911e4c60cc39058de3abd033e0b2dabba01fd921925ac918793f4cfa_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:9720f6e2911e4c60cc39058de3abd033e0b2dabba01fd921925ac918793f4cfa_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:9720f6e2911e4c60cc39058de3abd033e0b2dabba01fd921925ac918793f4cfa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:9720f6e2911e4c60cc39058de3abd033e0b2dabba01fd921925ac918793f4cfa?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.4-7"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:1ea709aea08afab4d98092f33b935600de1c1b175f03e399700fd5dd155494ec_s390x",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:1ea709aea08afab4d98092f33b935600de1c1b175f03e399700fd5dd155494ec_s390x",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:1ea709aea08afab4d98092f33b935600de1c1b175f03e399700fd5dd155494ec_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:1ea709aea08afab4d98092f33b935600de1c1b175f03e399700fd5dd155494ec?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:685983400e1ada4332a0416ffe47f593fab34da51dfbd1aac7f07e84524fe22b_s390x",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:685983400e1ada4332a0416ffe47f593fab34da51dfbd1aac7f07e84524fe22b_s390x",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:685983400e1ada4332a0416ffe47f593fab34da51dfbd1aac7f07e84524fe22b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:685983400e1ada4332a0416ffe47f593fab34da51dfbd1aac7f07e84524fe22b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:278bf0667cf12db22c857b8c7a843c5611269e18c7e98f2dacb6b98f51c9453c_s390x",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:278bf0667cf12db22c857b8c7a843c5611269e18c7e98f2dacb6b98f51c9453c_s390x",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:278bf0667cf12db22c857b8c7a843c5611269e18c7e98f2dacb6b98f51c9453c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:278bf0667cf12db22c857b8c7a843c5611269e18c7e98f2dacb6b98f51c9453c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:732281fd8fceec7d66da42744a4b307d4de9569c8ef8cb4804cf4522b3349aff_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:732281fd8fceec7d66da42744a4b307d4de9569c8ef8cb4804cf4522b3349aff_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:732281fd8fceec7d66da42744a4b307d4de9569c8ef8cb4804cf4522b3349aff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:732281fd8fceec7d66da42744a4b307d4de9569c8ef8cb4804cf4522b3349aff?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:5398c9f35cf4da7f1ba2fd709f37c013c232c940793b15c6447c636adc891793_s390x",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:5398c9f35cf4da7f1ba2fd709f37c013c232c940793b15c6447c636adc891793_s390x",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:5398c9f35cf4da7f1ba2fd709f37c013c232c940793b15c6447c636adc891793_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:5398c9f35cf4da7f1ba2fd709f37c013c232c940793b15c6447c636adc891793?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:413df9e2d589a8d58ad8ad3ffeec6ad1e1adbc75f9ae9f2954d909e49d867c34_s390x",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:413df9e2d589a8d58ad8ad3ffeec6ad1e1adbc75f9ae9f2954d909e49d867c34_s390x",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:413df9e2d589a8d58ad8ad3ffeec6ad1e1adbc75f9ae9f2954d909e49d867c34_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:413df9e2d589a8d58ad8ad3ffeec6ad1e1adbc75f9ae9f2954d909e49d867c34?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:be52dd86d5d4203faba9568d59c84531ebc97d07d54649422c1bdf61173227fe_s390x",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:be52dd86d5d4203faba9568d59c84531ebc97d07d54649422c1bdf61173227fe_s390x",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:be52dd86d5d4203faba9568d59c84531ebc97d07d54649422c1bdf61173227fe_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:be52dd86d5d4203faba9568d59c84531ebc97d07d54649422c1bdf61173227fe?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.4-7"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:0f1b867fc8c6194ec054ec8207222e13812d407a7fb1653090b7a27a06f6f831_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:0f1b867fc8c6194ec054ec8207222e13812d407a7fb1653090b7a27a06f6f831_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:0f1b867fc8c6194ec054ec8207222e13812d407a7fb1653090b7a27a06f6f831_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:0f1b867fc8c6194ec054ec8207222e13812d407a7fb1653090b7a27a06f6f831?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.4-7"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:685983400e1ada4332a0416ffe47f593fab34da51dfbd1aac7f07e84524fe22b_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:685983400e1ada4332a0416ffe47f593fab34da51dfbd1aac7f07e84524fe22b_s390x"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:685983400e1ada4332a0416ffe47f593fab34da51dfbd1aac7f07e84524fe22b_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:930382e80334938d8c77c535e5902a21e739b4c85b6ec3e7594d1f974d215d68_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:930382e80334938d8c77c535e5902a21e739b4c85b6ec3e7594d1f974d215d68_amd64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:930382e80334938d8c77c535e5902a21e739b4c85b6ec3e7594d1f974d215d68_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bdd0bb4fb7deefedde48b96c1bf400c0159869ae0a18658aaf93c5bd34bcfe8b_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:bdd0bb4fb7deefedde48b96c1bf400c0159869ae0a18658aaf93c5bd34bcfe8b_ppc64le"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bdd0bb4fb7deefedde48b96c1bf400c0159869ae0a18658aaf93c5bd34bcfe8b_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ea5ba2ed0a48e249b413d234a09bc0b7b82127078bbf37b6c183d31625cb6dc8_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:ea5ba2ed0a48e249b413d234a09bc0b7b82127078bbf37b6c183d31625cb6dc8_arm64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ea5ba2ed0a48e249b413d234a09bc0b7b82127078bbf37b6c183d31625cb6dc8_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:1ea709aea08afab4d98092f33b935600de1c1b175f03e399700fd5dd155494ec_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:1ea709aea08afab4d98092f33b935600de1c1b175f03e399700fd5dd155494ec_s390x"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:1ea709aea08afab4d98092f33b935600de1c1b175f03e399700fd5dd155494ec_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:21afa76182bb4d58037b1709f46fa0600bcaaa14f1a98635fc0f41b06912925c_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:21afa76182bb4d58037b1709f46fa0600bcaaa14f1a98635fc0f41b06912925c_ppc64le"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:21afa76182bb4d58037b1709f46fa0600bcaaa14f1a98635fc0f41b06912925c_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:4f6122194bee9ef5f62c1c19784dbef2acc13ad598a68c6049dfd3ce2a830089_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:4f6122194bee9ef5f62c1c19784dbef2acc13ad598a68c6049dfd3ce2a830089_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:4f6122194bee9ef5f62c1c19784dbef2acc13ad598a68c6049dfd3ce2a830089_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:89ed0b3af1445d4e518bdb587193300c5b4fa10807f66355ae39cfafb8e7410c_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:89ed0b3af1445d4e518bdb587193300c5b4fa10807f66355ae39cfafb8e7410c_arm64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:89ed0b3af1445d4e518bdb587193300c5b4fa10807f66355ae39cfafb8e7410c_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:05bba5a2ff04847ff2c0620af26c87f4dfaac91a290dab37eb4425cfc6157923_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:05bba5a2ff04847ff2c0620af26c87f4dfaac91a290dab37eb4425cfc6157923_ppc64le"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:05bba5a2ff04847ff2c0620af26c87f4dfaac91a290dab37eb4425cfc6157923_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:278bf0667cf12db22c857b8c7a843c5611269e18c7e98f2dacb6b98f51c9453c_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:278bf0667cf12db22c857b8c7a843c5611269e18c7e98f2dacb6b98f51c9453c_s390x"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:278bf0667cf12db22c857b8c7a843c5611269e18c7e98f2dacb6b98f51c9453c_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:638def92b1eb97ab9ec59b0c535a651f5cb42992fca30a51d347684831ccff48_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:638def92b1eb97ab9ec59b0c535a651f5cb42992fca30a51d347684831ccff48_amd64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:638def92b1eb97ab9ec59b0c535a651f5cb42992fca30a51d347684831ccff48_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:7d673f63ef8945f66a751b901fa1cc60d12e56961ab8c004a5fd396d7d282bf0_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:7d673f63ef8945f66a751b901fa1cc60d12e56961ab8c004a5fd396d7d282bf0_arm64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:7d673f63ef8945f66a751b901fa1cc60d12e56961ab8c004a5fd396d7d282bf0_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:0f7c37902ff30d274e43cfa6709a9bfeee4fe05372b0749a2c0b75830508c882_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:0f7c37902ff30d274e43cfa6709a9bfeee4fe05372b0749a2c0b75830508c882_ppc64le"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:0f7c37902ff30d274e43cfa6709a9bfeee4fe05372b0749a2c0b75830508c882_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:5398c9f35cf4da7f1ba2fd709f37c013c232c940793b15c6447c636adc891793_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:5398c9f35cf4da7f1ba2fd709f37c013c232c940793b15c6447c636adc891793_s390x"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:5398c9f35cf4da7f1ba2fd709f37c013c232c940793b15c6447c636adc891793_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:a537c13f6444058fad3fd903952eb1e2b61d8bd43ba3fcfd7511ad52cb6b0fbf_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a537c13f6444058fad3fd903952eb1e2b61d8bd43ba3fcfd7511ad52cb6b0fbf_arm64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:a537c13f6444058fad3fd903952eb1e2b61d8bd43ba3fcfd7511ad52cb6b0fbf_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:de2e79f849a8bba66dbf66b72b5eceb8c8b92f15d511c049aec251fa6a4d222d_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:de2e79f849a8bba66dbf66b72b5eceb8c8b92f15d511c049aec251fa6a4d222d_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:de2e79f849a8bba66dbf66b72b5eceb8c8b92f15d511c049aec251fa6a4d222d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:d8d9a224745f1952819cf831620d5b4ef08f905d80b33d66e4043e5b0163b06a_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:d8d9a224745f1952819cf831620d5b4ef08f905d80b33d66e4043e5b0163b06a_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:d8d9a224745f1952819cf831620d5b4ef08f905d80b33d66e4043e5b0163b06a_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:0f1b867fc8c6194ec054ec8207222e13812d407a7fb1653090b7a27a06f6f831_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:0f1b867fc8c6194ec054ec8207222e13812d407a7fb1653090b7a27a06f6f831_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:0f1b867fc8c6194ec054ec8207222e13812d407a7fb1653090b7a27a06f6f831_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:36e65a2fdb47fa6e6352d2c4ba97d739390804acf45846d7d46e1ed39b58f9ce_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:36e65a2fdb47fa6e6352d2c4ba97d739390804acf45846d7d46e1ed39b58f9ce_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:36e65a2fdb47fa6e6352d2c4ba97d739390804acf45846d7d46e1ed39b58f9ce_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:9720f6e2911e4c60cc39058de3abd033e0b2dabba01fd921925ac918793f4cfa_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:9720f6e2911e4c60cc39058de3abd033e0b2dabba01fd921925ac918793f4cfa_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:9720f6e2911e4c60cc39058de3abd033e0b2dabba01fd921925ac918793f4cfa_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:e594459645c4584a6f0e479f15b109f5dff0ffa51510879638a57a90b0a41858_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:e594459645c4584a6f0e479f15b109f5dff0ffa51510879638a57a90b0a41858_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:e594459645c4584a6f0e479f15b109f5dff0ffa51510879638a57a90b0a41858_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:388f2d08833e70aefd6e840582f7483ac0ce2eb271bc490d1a2c73f5dd5f5576_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:388f2d08833e70aefd6e840582f7483ac0ce2eb271bc490d1a2c73f5dd5f5576_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:388f2d08833e70aefd6e840582f7483ac0ce2eb271bc490d1a2c73f5dd5f5576_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:6ed362945bd2aba3651d4bf65e859abe5a02e22fa536820f52e5e4ce7fd344ed_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:6ed362945bd2aba3651d4bf65e859abe5a02e22fa536820f52e5e4ce7fd344ed_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:6ed362945bd2aba3651d4bf65e859abe5a02e22fa536820f52e5e4ce7fd344ed_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:705424f8b1e5f6062fa659cdf5c9224263f5d5976aef522adbc907b000a7df0e_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:705424f8b1e5f6062fa659cdf5c9224263f5d5976aef522adbc907b000a7df0e_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:705424f8b1e5f6062fa659cdf5c9224263f5d5976aef522adbc907b000a7df0e_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:732281fd8fceec7d66da42744a4b307d4de9569c8ef8cb4804cf4522b3349aff_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:732281fd8fceec7d66da42744a4b307d4de9569c8ef8cb4804cf4522b3349aff_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:732281fd8fceec7d66da42744a4b307d4de9569c8ef8cb4804cf4522b3349aff_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:413df9e2d589a8d58ad8ad3ffeec6ad1e1adbc75f9ae9f2954d909e49d867c34_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:413df9e2d589a8d58ad8ad3ffeec6ad1e1adbc75f9ae9f2954d909e49d867c34_s390x"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:413df9e2d589a8d58ad8ad3ffeec6ad1e1adbc75f9ae9f2954d909e49d867c34_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c279444dc5b611c1b5a5dcbcdc4912ef2accc92387618261f696bd9577af2c68_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:c279444dc5b611c1b5a5dcbcdc4912ef2accc92387618261f696bd9577af2c68_arm64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:c279444dc5b611c1b5a5dcbcdc4912ef2accc92387618261f696bd9577af2c68_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:e2a5884b0cdd1e9d1204e1731bf42eba7f270eebb62c5e3a18eafa7fc422a3ed_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:e2a5884b0cdd1e9d1204e1731bf42eba7f270eebb62c5e3a18eafa7fc422a3ed_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:e2a5884b0cdd1e9d1204e1731bf42eba7f270eebb62c5e3a18eafa7fc422a3ed_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:fdad9093445ce4b8122dc804ff7ae9b6195cd7c5beac953e8fc4038a344ed533_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fdad9093445ce4b8122dc804ff7ae9b6195cd7c5beac953e8fc4038a344ed533_ppc64le"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:fdad9093445ce4b8122dc804ff7ae9b6195cd7c5beac953e8fc4038a344ed533_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:35eb5b33006c2a70002b70f8fe076d8061cec6cfc7bdcf699e8bfd8fda64e210_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:35eb5b33006c2a70002b70f8fe076d8061cec6cfc7bdcf699e8bfd8fda64e210_arm64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:35eb5b33006c2a70002b70f8fe076d8061cec6cfc7bdcf699e8bfd8fda64e210_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:4c64fc396faa8f91e0d37a7d99fb4ec340e93961ac27dd9efb408878534fee92_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:4c64fc396faa8f91e0d37a7d99fb4ec340e93961ac27dd9efb408878534fee92_ppc64le"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:4c64fc396faa8f91e0d37a7d99fb4ec340e93961ac27dd9efb408878534fee92_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:4edbd07b7512d83767a78841c04a498dc76b58db286a349ddcb900c7232031a2_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:4edbd07b7512d83767a78841c04a498dc76b58db286a349ddcb900c7232031a2_amd64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:4edbd07b7512d83767a78841c04a498dc76b58db286a349ddcb900c7232031a2_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:be52dd86d5d4203faba9568d59c84531ebc97d07d54649422c1bdf61173227fe_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:be52dd86d5d4203faba9568d59c84531ebc97d07d54649422c1bdf61173227fe_s390x"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:be52dd86d5d4203faba9568d59c84531ebc97d07d54649422c1bdf61173227fe_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29180",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270863"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer\u0027s machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack-dev-middleware: lack of URL validation may lead to file leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in webpack-dev represents a important security issue due to its potential to expose sensitive files and compromise developer machines. By failing to validate URLs and normalize paths effectively, the middleware allows attackers to craft malicious requests that can retrieve arbitrary local files or perform unauthorized path traversal. This could lead to unauthorized access to confidential information, including source code, configuration files, and even system-level files. Given the widespread use of webpack-dev-middleware in web development environments, addressing this vulnerability promptly is important to prevent serious data breaches and protect the integrity of development processes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:685983400e1ada4332a0416ffe47f593fab34da51dfbd1aac7f07e84524fe22b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:930382e80334938d8c77c535e5902a21e739b4c85b6ec3e7594d1f974d215d68_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:bdd0bb4fb7deefedde48b96c1bf400c0159869ae0a18658aaf93c5bd34bcfe8b_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:ea5ba2ed0a48e249b413d234a09bc0b7b82127078bbf37b6c183d31625cb6dc8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:1ea709aea08afab4d98092f33b935600de1c1b175f03e399700fd5dd155494ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:21afa76182bb4d58037b1709f46fa0600bcaaa14f1a98635fc0f41b06912925c_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:4f6122194bee9ef5f62c1c19784dbef2acc13ad598a68c6049dfd3ce2a830089_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:89ed0b3af1445d4e518bdb587193300c5b4fa10807f66355ae39cfafb8e7410c_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:05bba5a2ff04847ff2c0620af26c87f4dfaac91a290dab37eb4425cfc6157923_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:278bf0667cf12db22c857b8c7a843c5611269e18c7e98f2dacb6b98f51c9453c_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:638def92b1eb97ab9ec59b0c535a651f5cb42992fca30a51d347684831ccff48_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:7d673f63ef8945f66a751b901fa1cc60d12e56961ab8c004a5fd396d7d282bf0_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:0f7c37902ff30d274e43cfa6709a9bfeee4fe05372b0749a2c0b75830508c882_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:5398c9f35cf4da7f1ba2fd709f37c013c232c940793b15c6447c636adc891793_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a537c13f6444058fad3fd903952eb1e2b61d8bd43ba3fcfd7511ad52cb6b0fbf_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:de2e79f849a8bba66dbf66b72b5eceb8c8b92f15d511c049aec251fa6a4d222d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:d8d9a224745f1952819cf831620d5b4ef08f905d80b33d66e4043e5b0163b06a_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:0f1b867fc8c6194ec054ec8207222e13812d407a7fb1653090b7a27a06f6f831_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:36e65a2fdb47fa6e6352d2c4ba97d739390804acf45846d7d46e1ed39b58f9ce_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:9720f6e2911e4c60cc39058de3abd033e0b2dabba01fd921925ac918793f4cfa_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:e594459645c4584a6f0e479f15b109f5dff0ffa51510879638a57a90b0a41858_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:388f2d08833e70aefd6e840582f7483ac0ce2eb271bc490d1a2c73f5dd5f5576_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:6ed362945bd2aba3651d4bf65e859abe5a02e22fa536820f52e5e4ce7fd344ed_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:705424f8b1e5f6062fa659cdf5c9224263f5d5976aef522adbc907b000a7df0e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:732281fd8fceec7d66da42744a4b307d4de9569c8ef8cb4804cf4522b3349aff_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:413df9e2d589a8d58ad8ad3ffeec6ad1e1adbc75f9ae9f2954d909e49d867c34_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:c279444dc5b611c1b5a5dcbcdc4912ef2accc92387618261f696bd9577af2c68_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:e2a5884b0cdd1e9d1204e1731bf42eba7f270eebb62c5e3a18eafa7fc422a3ed_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fdad9093445ce4b8122dc804ff7ae9b6195cd7c5beac953e8fc4038a344ed533_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:35eb5b33006c2a70002b70f8fe076d8061cec6cfc7bdcf699e8bfd8fda64e210_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:4c64fc396faa8f91e0d37a7d99fb4ec340e93961ac27dd9efb408878534fee92_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:4edbd07b7512d83767a78841c04a498dc76b58db286a349ddcb900c7232031a2_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:be52dd86d5d4203faba9568d59c84531ebc97d07d54649422c1bdf61173227fe_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29180"
},
{
"category": "external",
"summary": "RHBZ#2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6",
"url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:685983400e1ada4332a0416ffe47f593fab34da51dfbd1aac7f07e84524fe22b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:930382e80334938d8c77c535e5902a21e739b4c85b6ec3e7594d1f974d215d68_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:bdd0bb4fb7deefedde48b96c1bf400c0159869ae0a18658aaf93c5bd34bcfe8b_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:ea5ba2ed0a48e249b413d234a09bc0b7b82127078bbf37b6c183d31625cb6dc8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:1ea709aea08afab4d98092f33b935600de1c1b175f03e399700fd5dd155494ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:21afa76182bb4d58037b1709f46fa0600bcaaa14f1a98635fc0f41b06912925c_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:4f6122194bee9ef5f62c1c19784dbef2acc13ad598a68c6049dfd3ce2a830089_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:89ed0b3af1445d4e518bdb587193300c5b4fa10807f66355ae39cfafb8e7410c_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:05bba5a2ff04847ff2c0620af26c87f4dfaac91a290dab37eb4425cfc6157923_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:278bf0667cf12db22c857b8c7a843c5611269e18c7e98f2dacb6b98f51c9453c_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:638def92b1eb97ab9ec59b0c535a651f5cb42992fca30a51d347684831ccff48_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:7d673f63ef8945f66a751b901fa1cc60d12e56961ab8c004a5fd396d7d282bf0_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:0f7c37902ff30d274e43cfa6709a9bfeee4fe05372b0749a2c0b75830508c882_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:5398c9f35cf4da7f1ba2fd709f37c013c232c940793b15c6447c636adc891793_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a537c13f6444058fad3fd903952eb1e2b61d8bd43ba3fcfd7511ad52cb6b0fbf_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:de2e79f849a8bba66dbf66b72b5eceb8c8b92f15d511c049aec251fa6a4d222d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:d8d9a224745f1952819cf831620d5b4ef08f905d80b33d66e4043e5b0163b06a_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:0f1b867fc8c6194ec054ec8207222e13812d407a7fb1653090b7a27a06f6f831_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:36e65a2fdb47fa6e6352d2c4ba97d739390804acf45846d7d46e1ed39b58f9ce_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:9720f6e2911e4c60cc39058de3abd033e0b2dabba01fd921925ac918793f4cfa_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:e594459645c4584a6f0e479f15b109f5dff0ffa51510879638a57a90b0a41858_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:388f2d08833e70aefd6e840582f7483ac0ce2eb271bc490d1a2c73f5dd5f5576_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:6ed362945bd2aba3651d4bf65e859abe5a02e22fa536820f52e5e4ce7fd344ed_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:705424f8b1e5f6062fa659cdf5c9224263f5d5976aef522adbc907b000a7df0e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:732281fd8fceec7d66da42744a4b307d4de9569c8ef8cb4804cf4522b3349aff_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:413df9e2d589a8d58ad8ad3ffeec6ad1e1adbc75f9ae9f2954d909e49d867c34_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:c279444dc5b611c1b5a5dcbcdc4912ef2accc92387618261f696bd9577af2c68_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:e2a5884b0cdd1e9d1204e1731bf42eba7f270eebb62c5e3a18eafa7fc422a3ed_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fdad9093445ce4b8122dc804ff7ae9b6195cd7c5beac953e8fc4038a344ed533_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:35eb5b33006c2a70002b70f8fe076d8061cec6cfc7bdcf699e8bfd8fda64e210_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:4c64fc396faa8f91e0d37a7d99fb4ec340e93961ac27dd9efb408878534fee92_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:4edbd07b7512d83767a78841c04a498dc76b58db286a349ddcb900c7232031a2_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:be52dd86d5d4203faba9568d59c84531ebc97d07d54649422c1bdf61173227fe_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2815"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:685983400e1ada4332a0416ffe47f593fab34da51dfbd1aac7f07e84524fe22b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:930382e80334938d8c77c535e5902a21e739b4c85b6ec3e7594d1f974d215d68_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:bdd0bb4fb7deefedde48b96c1bf400c0159869ae0a18658aaf93c5bd34bcfe8b_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:ea5ba2ed0a48e249b413d234a09bc0b7b82127078bbf37b6c183d31625cb6dc8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:1ea709aea08afab4d98092f33b935600de1c1b175f03e399700fd5dd155494ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:21afa76182bb4d58037b1709f46fa0600bcaaa14f1a98635fc0f41b06912925c_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:4f6122194bee9ef5f62c1c19784dbef2acc13ad598a68c6049dfd3ce2a830089_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:89ed0b3af1445d4e518bdb587193300c5b4fa10807f66355ae39cfafb8e7410c_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:05bba5a2ff04847ff2c0620af26c87f4dfaac91a290dab37eb4425cfc6157923_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:278bf0667cf12db22c857b8c7a843c5611269e18c7e98f2dacb6b98f51c9453c_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:638def92b1eb97ab9ec59b0c535a651f5cb42992fca30a51d347684831ccff48_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:7d673f63ef8945f66a751b901fa1cc60d12e56961ab8c004a5fd396d7d282bf0_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:0f7c37902ff30d274e43cfa6709a9bfeee4fe05372b0749a2c0b75830508c882_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:5398c9f35cf4da7f1ba2fd709f37c013c232c940793b15c6447c636adc891793_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a537c13f6444058fad3fd903952eb1e2b61d8bd43ba3fcfd7511ad52cb6b0fbf_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:de2e79f849a8bba66dbf66b72b5eceb8c8b92f15d511c049aec251fa6a4d222d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:d8d9a224745f1952819cf831620d5b4ef08f905d80b33d66e4043e5b0163b06a_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:0f1b867fc8c6194ec054ec8207222e13812d407a7fb1653090b7a27a06f6f831_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:36e65a2fdb47fa6e6352d2c4ba97d739390804acf45846d7d46e1ed39b58f9ce_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:9720f6e2911e4c60cc39058de3abd033e0b2dabba01fd921925ac918793f4cfa_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:e594459645c4584a6f0e479f15b109f5dff0ffa51510879638a57a90b0a41858_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:388f2d08833e70aefd6e840582f7483ac0ce2eb271bc490d1a2c73f5dd5f5576_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:6ed362945bd2aba3651d4bf65e859abe5a02e22fa536820f52e5e4ce7fd344ed_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:705424f8b1e5f6062fa659cdf5c9224263f5d5976aef522adbc907b000a7df0e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:732281fd8fceec7d66da42744a4b307d4de9569c8ef8cb4804cf4522b3349aff_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:413df9e2d589a8d58ad8ad3ffeec6ad1e1adbc75f9ae9f2954d909e49d867c34_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:c279444dc5b611c1b5a5dcbcdc4912ef2accc92387618261f696bd9577af2c68_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:e2a5884b0cdd1e9d1204e1731bf42eba7f270eebb62c5e3a18eafa7fc422a3ed_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fdad9093445ce4b8122dc804ff7ae9b6195cd7c5beac953e8fc4038a344ed533_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:35eb5b33006c2a70002b70f8fe076d8061cec6cfc7bdcf699e8bfd8fda64e210_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:4c64fc396faa8f91e0d37a7d99fb4ec340e93961ac27dd9efb408878534fee92_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:4edbd07b7512d83767a78841c04a498dc76b58db286a349ddcb900c7232031a2_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:be52dd86d5d4203faba9568d59c84531ebc97d07d54649422c1bdf61173227fe_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:685983400e1ada4332a0416ffe47f593fab34da51dfbd1aac7f07e84524fe22b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:930382e80334938d8c77c535e5902a21e739b4c85b6ec3e7594d1f974d215d68_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:bdd0bb4fb7deefedde48b96c1bf400c0159869ae0a18658aaf93c5bd34bcfe8b_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:ea5ba2ed0a48e249b413d234a09bc0b7b82127078bbf37b6c183d31625cb6dc8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:1ea709aea08afab4d98092f33b935600de1c1b175f03e399700fd5dd155494ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:21afa76182bb4d58037b1709f46fa0600bcaaa14f1a98635fc0f41b06912925c_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:4f6122194bee9ef5f62c1c19784dbef2acc13ad598a68c6049dfd3ce2a830089_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:89ed0b3af1445d4e518bdb587193300c5b4fa10807f66355ae39cfafb8e7410c_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:05bba5a2ff04847ff2c0620af26c87f4dfaac91a290dab37eb4425cfc6157923_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:278bf0667cf12db22c857b8c7a843c5611269e18c7e98f2dacb6b98f51c9453c_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:638def92b1eb97ab9ec59b0c535a651f5cb42992fca30a51d347684831ccff48_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:7d673f63ef8945f66a751b901fa1cc60d12e56961ab8c004a5fd396d7d282bf0_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:0f7c37902ff30d274e43cfa6709a9bfeee4fe05372b0749a2c0b75830508c882_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:5398c9f35cf4da7f1ba2fd709f37c013c232c940793b15c6447c636adc891793_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a537c13f6444058fad3fd903952eb1e2b61d8bd43ba3fcfd7511ad52cb6b0fbf_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:de2e79f849a8bba66dbf66b72b5eceb8c8b92f15d511c049aec251fa6a4d222d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:d8d9a224745f1952819cf831620d5b4ef08f905d80b33d66e4043e5b0163b06a_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:0f1b867fc8c6194ec054ec8207222e13812d407a7fb1653090b7a27a06f6f831_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:36e65a2fdb47fa6e6352d2c4ba97d739390804acf45846d7d46e1ed39b58f9ce_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:9720f6e2911e4c60cc39058de3abd033e0b2dabba01fd921925ac918793f4cfa_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:e594459645c4584a6f0e479f15b109f5dff0ffa51510879638a57a90b0a41858_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:388f2d08833e70aefd6e840582f7483ac0ce2eb271bc490d1a2c73f5dd5f5576_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:6ed362945bd2aba3651d4bf65e859abe5a02e22fa536820f52e5e4ce7fd344ed_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:705424f8b1e5f6062fa659cdf5c9224263f5d5976aef522adbc907b000a7df0e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:732281fd8fceec7d66da42744a4b307d4de9569c8ef8cb4804cf4522b3349aff_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:413df9e2d589a8d58ad8ad3ffeec6ad1e1adbc75f9ae9f2954d909e49d867c34_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:c279444dc5b611c1b5a5dcbcdc4912ef2accc92387618261f696bd9577af2c68_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:e2a5884b0cdd1e9d1204e1731bf42eba7f270eebb62c5e3a18eafa7fc422a3ed_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fdad9093445ce4b8122dc804ff7ae9b6195cd7c5beac953e8fc4038a344ed533_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:35eb5b33006c2a70002b70f8fe076d8061cec6cfc7bdcf699e8bfd8fda64e210_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:4c64fc396faa8f91e0d37a7d99fb4ec340e93961ac27dd9efb408878534fee92_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:4edbd07b7512d83767a78841c04a498dc76b58db286a349ddcb900c7232031a2_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:be52dd86d5d4203faba9568d59c84531ebc97d07d54649422c1bdf61173227fe_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "webpack-dev-middleware: lack of URL validation may lead to file leak"
}
]
}
Loading...