rhsa-2024_2817
Vulnerability from csaf_redhat
Published
2024-05-10 19:36
Modified
2024-11-24 21:05
Summary
Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.10.5 security update
Notes
Topic
An update is now available for Red Hat OpenShift GitOps v1.10.5 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Errata Advisory for Red Hat OpenShift GitOps v1.10.5.
Security Fix(es):
* argo-cd: webpack-dev-middleware: lack of URL validation may lead to file leak (CVE-2024-29180).
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
1. Fix for a critical bug reported by customers where IgnoreDifferences Option
in Sync Options was not working for array fields in ArgoCD. This fix will allow the users to ignore specific fields in the array when specified in
ignoreDifferences during Sync.
2. A fix that enables customer to add clusters hosted on GCP to ArgoCD.
3. An important customer fix that ensures that Argo CD correctly reports support for these host key algorithms during the handshake process, allowing the pull from Azure DevOps Repos to succeed.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift GitOps v1.10.5 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Errata Advisory for Red Hat OpenShift GitOps v1.10.5.\n\nSecurity Fix(es):\n\n* argo-cd: webpack-dev-middleware: lack of URL validation may lead to file leak (CVE-2024-29180).\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n1. Fix for a critical bug reported by customers where IgnoreDifferences Option\nin Sync Options was not working for array fields in ArgoCD. This fix will allow the users to ignore specific fields in the array when specified in\nignoreDifferences during Sync.\n\n2. A fix that enables customer to add clusters hosted on GCP to ArgoCD.\n\n3. An important customer fix that ensures that Argo CD correctly reports support for these host key algorithms during the handshake process, allowing the pull from Azure DevOps Repos to succeed.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:2817",
"url": "https://access.redhat.com/errata/RHSA-2024:2817"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.openshift.com/gitops/1.10/release_notes/gitops-release-notes.html",
"url": "https://docs.openshift.com/gitops/1.10/release_notes/gitops-release-notes.html"
},
{
"category": "external",
"summary": "https://docs.openshift.com/gitops/1.10/understanding_openshift_gitops/about-redhat-openshift-gitops.html",
"url": "https://docs.openshift.com/gitops/1.10/understanding_openshift_gitops/about-redhat-openshift-gitops.html"
},
{
"category": "external",
"summary": "2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "GITOPS-4226",
"url": "https://issues.redhat.com/browse/GITOPS-4226"
},
{
"category": "external",
"summary": "GITOPS-4513",
"url": "https://issues.redhat.com/browse/GITOPS-4513"
},
{
"category": "external",
"summary": "GITOPS-4543",
"url": "https://issues.redhat.com/browse/GITOPS-4543"
},
{
"category": "external",
"summary": "GITOPS-4645",
"url": "https://issues.redhat.com/browse/GITOPS-4645"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2817.json"
}
],
"title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.10.5 security update",
"tracking": {
"current_release_date": "2024-11-24T21:05:51+00:00",
"generator": {
"date": "2024-11-24T21:05:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:2817",
"initial_release_date": "2024-05-10T19:36:39+00:00",
"revision_history": [
{
"date": "2024-05-10T19:36:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-05-10T19:36:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-24T21:05:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.10",
"product": {
"name": "Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:d4584964c9659370dac81298abb68f7b5c1eef49ad1a18c7996cd6cdac16926e_arm64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:d4584964c9659370dac81298abb68f7b5c1eef49ad1a18c7996cd6cdac16926e_arm64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:d4584964c9659370dac81298abb68f7b5c1eef49ad1a18c7996cd6cdac16926e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:d4584964c9659370dac81298abb68f7b5c1eef49ad1a18c7996cd6cdac16926e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:db225a8e1d83c11bad04f0aae82cd07013cc8902b5af0394d8be8bca1242ae25_arm64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:db225a8e1d83c11bad04f0aae82cd07013cc8902b5af0394d8be8bca1242ae25_arm64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:db225a8e1d83c11bad04f0aae82cd07013cc8902b5af0394d8be8bca1242ae25_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:db225a8e1d83c11bad04f0aae82cd07013cc8902b5af0394d8be8bca1242ae25?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:cf1e480c838479f8137537ab68ae818d219c40e58008a03214b0e5b6a3046730_arm64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:cf1e480c838479f8137537ab68ae818d219c40e58008a03214b0e5b6a3046730_arm64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:cf1e480c838479f8137537ab68ae818d219c40e58008a03214b0e5b6a3046730_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:cf1e480c838479f8137537ab68ae818d219c40e58008a03214b0e5b6a3046730?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:95f09ae4939c63ce698ac4a8b2b4275ebf2c304f3364bfc365c323aafbdd6206_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:95f09ae4939c63ce698ac4a8b2b4275ebf2c304f3364bfc365c323aafbdd6206_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:95f09ae4939c63ce698ac4a8b2b4275ebf2c304f3364bfc365c323aafbdd6206_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:95f09ae4939c63ce698ac4a8b2b4275ebf2c304f3364bfc365c323aafbdd6206?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:fdb439b295b3903f9f2341929a545366ebb35e38bdb5f609f31678b0edff357e_arm64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:fdb439b295b3903f9f2341929a545366ebb35e38bdb5f609f31678b0edff357e_arm64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:fdb439b295b3903f9f2341929a545366ebb35e38bdb5f609f31678b0edff357e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:fdb439b295b3903f9f2341929a545366ebb35e38bdb5f609f31678b0edff357e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2c8c4d322736fe778a348e1dcd98f8f580b7f98ea42a651ad8b88c0d63f1b38d_arm64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2c8c4d322736fe778a348e1dcd98f8f580b7f98ea42a651ad8b88c0d63f1b38d_arm64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:2c8c4d322736fe778a348e1dcd98f8f580b7f98ea42a651ad8b88c0d63f1b38d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:2c8c4d322736fe778a348e1dcd98f8f580b7f98ea42a651ad8b88c0d63f1b38d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:decbecdee5ec0f3a4aaf86a95226d6bf24e2d39cf077048465365e54e613b2d3_arm64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:decbecdee5ec0f3a4aaf86a95226d6bf24e2d39cf077048465365e54e613b2d3_arm64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:decbecdee5ec0f3a4aaf86a95226d6bf24e2d39cf077048465365e54e613b2d3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:decbecdee5ec0f3a4aaf86a95226d6bf24e2d39cf077048465365e54e613b2d3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:365cd33870134af2c4f2413797cf32d3bc0643e93581e9e7b4eede391d4a20e5_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:365cd33870134af2c4f2413797cf32d3bc0643e93581e9e7b4eede391d4a20e5_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:365cd33870134af2c4f2413797cf32d3bc0643e93581e9e7b4eede391d4a20e5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:365cd33870134af2c4f2413797cf32d3bc0643e93581e9e7b4eede391d4a20e5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.10.5-6"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:91476c66096af76505cfc23d46fbcf2478a7417f86d0dedd59e7091088bcf9ef_ppc64le",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:91476c66096af76505cfc23d46fbcf2478a7417f86d0dedd59e7091088bcf9ef_ppc64le",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:91476c66096af76505cfc23d46fbcf2478a7417f86d0dedd59e7091088bcf9ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:91476c66096af76505cfc23d46fbcf2478a7417f86d0dedd59e7091088bcf9ef?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:53a9bf3139c8915efcf58e72193b652923167d38df5a61d5d5fbafb61b3fab0e_ppc64le",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:53a9bf3139c8915efcf58e72193b652923167d38df5a61d5d5fbafb61b3fab0e_ppc64le",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:53a9bf3139c8915efcf58e72193b652923167d38df5a61d5d5fbafb61b3fab0e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:53a9bf3139c8915efcf58e72193b652923167d38df5a61d5d5fbafb61b3fab0e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:b8a1bb95b79659d5ff896734be4f28bc64c2d61560c473a4a0f1c14b1e18efe5_ppc64le",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:b8a1bb95b79659d5ff896734be4f28bc64c2d61560c473a4a0f1c14b1e18efe5_ppc64le",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:b8a1bb95b79659d5ff896734be4f28bc64c2d61560c473a4a0f1c14b1e18efe5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:b8a1bb95b79659d5ff896734be4f28bc64c2d61560c473a4a0f1c14b1e18efe5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:b6c20bfad0e77414638d912d7cae7ff54ce0be30030fa9ba6f13448966c56294_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:b6c20bfad0e77414638d912d7cae7ff54ce0be30030fa9ba6f13448966c56294_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:b6c20bfad0e77414638d912d7cae7ff54ce0be30030fa9ba6f13448966c56294_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:b6c20bfad0e77414638d912d7cae7ff54ce0be30030fa9ba6f13448966c56294?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:c3fcaa38e7883f3573628c1d99bd1cdd0fcb19061371009ab118902269bbf7b3_ppc64le",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:c3fcaa38e7883f3573628c1d99bd1cdd0fcb19061371009ab118902269bbf7b3_ppc64le",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:c3fcaa38e7883f3573628c1d99bd1cdd0fcb19061371009ab118902269bbf7b3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:c3fcaa38e7883f3573628c1d99bd1cdd0fcb19061371009ab118902269bbf7b3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:76e7ce8466895cfc12f4f6a024f54674006eaa92b05534685f04089e13eb1364_ppc64le",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:76e7ce8466895cfc12f4f6a024f54674006eaa92b05534685f04089e13eb1364_ppc64le",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:76e7ce8466895cfc12f4f6a024f54674006eaa92b05534685f04089e13eb1364_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:76e7ce8466895cfc12f4f6a024f54674006eaa92b05534685f04089e13eb1364?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:27f63d236f04cc0611fd81168d42e81903eb53671c122dd902b2d3e41f6952bf_ppc64le",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:27f63d236f04cc0611fd81168d42e81903eb53671c122dd902b2d3e41f6952bf_ppc64le",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:27f63d236f04cc0611fd81168d42e81903eb53671c122dd902b2d3e41f6952bf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:27f63d236f04cc0611fd81168d42e81903eb53671c122dd902b2d3e41f6952bf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:630b22b7518a2355492d98f7ac5c05610c981f706f707f1bb82c2ad5c0493640_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:630b22b7518a2355492d98f7ac5c05610c981f706f707f1bb82c2ad5c0493640_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:630b22b7518a2355492d98f7ac5c05610c981f706f707f1bb82c2ad5c0493640_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:630b22b7518a2355492d98f7ac5c05610c981f706f707f1bb82c2ad5c0493640?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.10.5-6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:babc6209cd7b170a073cb38d172de4830f8fef038fef17e10044eb41f02cbaa2_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:babc6209cd7b170a073cb38d172de4830f8fef038fef17e10044eb41f02cbaa2_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:babc6209cd7b170a073cb38d172de4830f8fef038fef17e10044eb41f02cbaa2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:babc6209cd7b170a073cb38d172de4830f8fef038fef17e10044eb41f02cbaa2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:167a4ec509a83696d014c258d640956c733038ae4a711824e4fdd8b004ba7964_amd64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:167a4ec509a83696d014c258d640956c733038ae4a711824e4fdd8b004ba7964_amd64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:167a4ec509a83696d014c258d640956c733038ae4a711824e4fdd8b004ba7964_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:167a4ec509a83696d014c258d640956c733038ae4a711824e4fdd8b004ba7964?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:ba13922849da5fcd6a790bee2a8a39270b56ef399d2abbb7663eb698b15993c6_amd64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:ba13922849da5fcd6a790bee2a8a39270b56ef399d2abbb7663eb698b15993c6_amd64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:ba13922849da5fcd6a790bee2a8a39270b56ef399d2abbb7663eb698b15993c6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:ba13922849da5fcd6a790bee2a8a39270b56ef399d2abbb7663eb698b15993c6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:f658538471aca8330a9d368f2cd3444416dca9a73e3cfb53b735da6463dcf337_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:f658538471aca8330a9d368f2cd3444416dca9a73e3cfb53b735da6463dcf337_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:f658538471aca8330a9d368f2cd3444416dca9a73e3cfb53b735da6463dcf337_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:f658538471aca8330a9d368f2cd3444416dca9a73e3cfb53b735da6463dcf337?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:416353d665f078404aeb21c19099f342157e01eab321e50ff052565e036f9b0e_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:416353d665f078404aeb21c19099f342157e01eab321e50ff052565e036f9b0e_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:416353d665f078404aeb21c19099f342157e01eab321e50ff052565e036f9b0e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:416353d665f078404aeb21c19099f342157e01eab321e50ff052565e036f9b0e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c01d39107b2d2449f86ce893c97e790ea6acfa37e69f7d3b70a795ceacec12b6_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c01d39107b2d2449f86ce893c97e790ea6acfa37e69f7d3b70a795ceacec12b6_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:c01d39107b2d2449f86ce893c97e790ea6acfa37e69f7d3b70a795ceacec12b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:c01d39107b2d2449f86ce893c97e790ea6acfa37e69f7d3b70a795ceacec12b6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:2f61991fbda425d6357195149a4ea8b939a2e6d11e9f15e104c86745d21bd22d_amd64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:2f61991fbda425d6357195149a4ea8b939a2e6d11e9f15e104c86745d21bd22d_amd64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:2f61991fbda425d6357195149a4ea8b939a2e6d11e9f15e104c86745d21bd22d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:2f61991fbda425d6357195149a4ea8b939a2e6d11e9f15e104c86745d21bd22d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ed2a8efb4fc40d2d6a09ceecaa0f16d6bea139e2d7afae6ba85dbae356daf59b_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ed2a8efb4fc40d2d6a09ceecaa0f16d6bea139e2d7afae6ba85dbae356daf59b_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:ed2a8efb4fc40d2d6a09ceecaa0f16d6bea139e2d7afae6ba85dbae356daf59b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:ed2a8efb4fc40d2d6a09ceecaa0f16d6bea139e2d7afae6ba85dbae356daf59b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:f4fed927355e4b6b53448194e5325b209738fc9ba990d02db4cb75653a878113_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:f4fed927355e4b6b53448194e5325b209738fc9ba990d02db4cb75653a878113_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:f4fed927355e4b6b53448194e5325b209738fc9ba990d02db4cb75653a878113_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:f4fed927355e4b6b53448194e5325b209738fc9ba990d02db4cb75653a878113?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.10.5-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:6b85a3fc1e590ab008fdb2db4647c3eccf4540eb452c64b4ebd6a61647cbc5b8_s390x",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:6b85a3fc1e590ab008fdb2db4647c3eccf4540eb452c64b4ebd6a61647cbc5b8_s390x",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:6b85a3fc1e590ab008fdb2db4647c3eccf4540eb452c64b4ebd6a61647cbc5b8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:6b85a3fc1e590ab008fdb2db4647c3eccf4540eb452c64b4ebd6a61647cbc5b8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:141bc9dec57c4c07ba209755e1b43fb99e2afc195f3430842b275b4c4dfcc5f5_s390x",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:141bc9dec57c4c07ba209755e1b43fb99e2afc195f3430842b275b4c4dfcc5f5_s390x",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:141bc9dec57c4c07ba209755e1b43fb99e2afc195f3430842b275b4c4dfcc5f5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:141bc9dec57c4c07ba209755e1b43fb99e2afc195f3430842b275b4c4dfcc5f5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:f01f628665e7a1d3ecca7fe2f86a461fe100d8892c1e6ad848cc63c793585d0f_s390x",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:f01f628665e7a1d3ecca7fe2f86a461fe100d8892c1e6ad848cc63c793585d0f_s390x",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:f01f628665e7a1d3ecca7fe2f86a461fe100d8892c1e6ad848cc63c793585d0f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:f01f628665e7a1d3ecca7fe2f86a461fe100d8892c1e6ad848cc63c793585d0f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:ead329586aa61f94bf8c8a0efb676e8a695fceef5fcacdc568a4a466b492ec5e_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:ead329586aa61f94bf8c8a0efb676e8a695fceef5fcacdc568a4a466b492ec5e_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:ead329586aa61f94bf8c8a0efb676e8a695fceef5fcacdc568a4a466b492ec5e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:ead329586aa61f94bf8c8a0efb676e8a695fceef5fcacdc568a4a466b492ec5e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:fce845415ec7aad46d57b63fa2ff57d03a902bfde4821ad74b20bfe20d41e389_s390x",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:fce845415ec7aad46d57b63fa2ff57d03a902bfde4821ad74b20bfe20d41e389_s390x",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:fce845415ec7aad46d57b63fa2ff57d03a902bfde4821ad74b20bfe20d41e389_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:fce845415ec7aad46d57b63fa2ff57d03a902bfde4821ad74b20bfe20d41e389?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:523a76e2f894264701c5e4c02c70b187abb5b3f58136b91bcafbbae3b48eca84_s390x",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:523a76e2f894264701c5e4c02c70b187abb5b3f58136b91bcafbbae3b48eca84_s390x",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:523a76e2f894264701c5e4c02c70b187abb5b3f58136b91bcafbbae3b48eca84_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:523a76e2f894264701c5e4c02c70b187abb5b3f58136b91bcafbbae3b48eca84?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:0e76f7330665dc4a4ba52cb6be28f29cb24ed926c583540b721a03bedeb06a6d_s390x",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:0e76f7330665dc4a4ba52cb6be28f29cb24ed926c583540b721a03bedeb06a6d_s390x",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:0e76f7330665dc4a4ba52cb6be28f29cb24ed926c583540b721a03bedeb06a6d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:0e76f7330665dc4a4ba52cb6be28f29cb24ed926c583540b721a03bedeb06a6d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.10.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:957b420874020d5db2a4d4cdfdab41cda7853695cd29494cba78712d01f43cc5_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:957b420874020d5db2a4d4cdfdab41cda7853695cd29494cba78712d01f43cc5_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:957b420874020d5db2a4d4cdfdab41cda7853695cd29494cba78712d01f43cc5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:957b420874020d5db2a4d4cdfdab41cda7853695cd29494cba78712d01f43cc5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.10.5-6"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:141bc9dec57c4c07ba209755e1b43fb99e2afc195f3430842b275b4c4dfcc5f5_s390x as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:141bc9dec57c4c07ba209755e1b43fb99e2afc195f3430842b275b4c4dfcc5f5_s390x"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:141bc9dec57c4c07ba209755e1b43fb99e2afc195f3430842b275b4c4dfcc5f5_s390x",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:167a4ec509a83696d014c258d640956c733038ae4a711824e4fdd8b004ba7964_amd64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:167a4ec509a83696d014c258d640956c733038ae4a711824e4fdd8b004ba7964_amd64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:167a4ec509a83696d014c258d640956c733038ae4a711824e4fdd8b004ba7964_amd64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:53a9bf3139c8915efcf58e72193b652923167d38df5a61d5d5fbafb61b3fab0e_ppc64le as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:53a9bf3139c8915efcf58e72193b652923167d38df5a61d5d5fbafb61b3fab0e_ppc64le"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:53a9bf3139c8915efcf58e72193b652923167d38df5a61d5d5fbafb61b3fab0e_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:db225a8e1d83c11bad04f0aae82cd07013cc8902b5af0394d8be8bca1242ae25_arm64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:db225a8e1d83c11bad04f0aae82cd07013cc8902b5af0394d8be8bca1242ae25_arm64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:db225a8e1d83c11bad04f0aae82cd07013cc8902b5af0394d8be8bca1242ae25_arm64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:6b85a3fc1e590ab008fdb2db4647c3eccf4540eb452c64b4ebd6a61647cbc5b8_s390x as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:6b85a3fc1e590ab008fdb2db4647c3eccf4540eb452c64b4ebd6a61647cbc5b8_s390x"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:6b85a3fc1e590ab008fdb2db4647c3eccf4540eb452c64b4ebd6a61647cbc5b8_s390x",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:91476c66096af76505cfc23d46fbcf2478a7417f86d0dedd59e7091088bcf9ef_ppc64le as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:91476c66096af76505cfc23d46fbcf2478a7417f86d0dedd59e7091088bcf9ef_ppc64le"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:91476c66096af76505cfc23d46fbcf2478a7417f86d0dedd59e7091088bcf9ef_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:babc6209cd7b170a073cb38d172de4830f8fef038fef17e10044eb41f02cbaa2_amd64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:babc6209cd7b170a073cb38d172de4830f8fef038fef17e10044eb41f02cbaa2_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:babc6209cd7b170a073cb38d172de4830f8fef038fef17e10044eb41f02cbaa2_amd64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:d4584964c9659370dac81298abb68f7b5c1eef49ad1a18c7996cd6cdac16926e_arm64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:d4584964c9659370dac81298abb68f7b5c1eef49ad1a18c7996cd6cdac16926e_arm64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:d4584964c9659370dac81298abb68f7b5c1eef49ad1a18c7996cd6cdac16926e_arm64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:b8a1bb95b79659d5ff896734be4f28bc64c2d61560c473a4a0f1c14b1e18efe5_ppc64le as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:b8a1bb95b79659d5ff896734be4f28bc64c2d61560c473a4a0f1c14b1e18efe5_ppc64le"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:b8a1bb95b79659d5ff896734be4f28bc64c2d61560c473a4a0f1c14b1e18efe5_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:ba13922849da5fcd6a790bee2a8a39270b56ef399d2abbb7663eb698b15993c6_amd64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:ba13922849da5fcd6a790bee2a8a39270b56ef399d2abbb7663eb698b15993c6_amd64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:ba13922849da5fcd6a790bee2a8a39270b56ef399d2abbb7663eb698b15993c6_amd64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:cf1e480c838479f8137537ab68ae818d219c40e58008a03214b0e5b6a3046730_arm64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:cf1e480c838479f8137537ab68ae818d219c40e58008a03214b0e5b6a3046730_arm64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:cf1e480c838479f8137537ab68ae818d219c40e58008a03214b0e5b6a3046730_arm64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:f01f628665e7a1d3ecca7fe2f86a461fe100d8892c1e6ad848cc63c793585d0f_s390x as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:f01f628665e7a1d3ecca7fe2f86a461fe100d8892c1e6ad848cc63c793585d0f_s390x"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:f01f628665e7a1d3ecca7fe2f86a461fe100d8892c1e6ad848cc63c793585d0f_s390x",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:416353d665f078404aeb21c19099f342157e01eab321e50ff052565e036f9b0e_amd64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:416353d665f078404aeb21c19099f342157e01eab321e50ff052565e036f9b0e_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:416353d665f078404aeb21c19099f342157e01eab321e50ff052565e036f9b0e_amd64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:c3fcaa38e7883f3573628c1d99bd1cdd0fcb19061371009ab118902269bbf7b3_ppc64le as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:c3fcaa38e7883f3573628c1d99bd1cdd0fcb19061371009ab118902269bbf7b3_ppc64le"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:c3fcaa38e7883f3573628c1d99bd1cdd0fcb19061371009ab118902269bbf7b3_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:fce845415ec7aad46d57b63fa2ff57d03a902bfde4821ad74b20bfe20d41e389_s390x as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:fce845415ec7aad46d57b63fa2ff57d03a902bfde4821ad74b20bfe20d41e389_s390x"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:fce845415ec7aad46d57b63fa2ff57d03a902bfde4821ad74b20bfe20d41e389_s390x",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:fdb439b295b3903f9f2341929a545366ebb35e38bdb5f609f31678b0edff357e_arm64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:fdb439b295b3903f9f2341929a545366ebb35e38bdb5f609f31678b0edff357e_arm64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:fdb439b295b3903f9f2341929a545366ebb35e38bdb5f609f31678b0edff357e_arm64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ed2a8efb4fc40d2d6a09ceecaa0f16d6bea139e2d7afae6ba85dbae356daf59b_amd64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-operator-bundle@sha256:ed2a8efb4fc40d2d6a09ceecaa0f16d6bea139e2d7afae6ba85dbae356daf59b_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:ed2a8efb4fc40d2d6a09ceecaa0f16d6bea139e2d7afae6ba85dbae356daf59b_amd64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:365cd33870134af2c4f2413797cf32d3bc0643e93581e9e7b4eede391d4a20e5_arm64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:365cd33870134af2c4f2413797cf32d3bc0643e93581e9e7b4eede391d4a20e5_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:365cd33870134af2c4f2413797cf32d3bc0643e93581e9e7b4eede391d4a20e5_arm64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:630b22b7518a2355492d98f7ac5c05610c981f706f707f1bb82c2ad5c0493640_ppc64le as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:630b22b7518a2355492d98f7ac5c05610c981f706f707f1bb82c2ad5c0493640_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:630b22b7518a2355492d98f7ac5c05610c981f706f707f1bb82c2ad5c0493640_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:957b420874020d5db2a4d4cdfdab41cda7853695cd29494cba78712d01f43cc5_s390x as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:957b420874020d5db2a4d4cdfdab41cda7853695cd29494cba78712d01f43cc5_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:957b420874020d5db2a4d4cdfdab41cda7853695cd29494cba78712d01f43cc5_s390x",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:f4fed927355e4b6b53448194e5325b209738fc9ba990d02db4cb75653a878113_amd64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:f4fed927355e4b6b53448194e5325b209738fc9ba990d02db4cb75653a878113_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:f4fed927355e4b6b53448194e5325b209738fc9ba990d02db4cb75653a878113_amd64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:95f09ae4939c63ce698ac4a8b2b4275ebf2c304f3364bfc365c323aafbdd6206_arm64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:95f09ae4939c63ce698ac4a8b2b4275ebf2c304f3364bfc365c323aafbdd6206_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:95f09ae4939c63ce698ac4a8b2b4275ebf2c304f3364bfc365c323aafbdd6206_arm64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:b6c20bfad0e77414638d912d7cae7ff54ce0be30030fa9ba6f13448966c56294_ppc64le as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:b6c20bfad0e77414638d912d7cae7ff54ce0be30030fa9ba6f13448966c56294_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:b6c20bfad0e77414638d912d7cae7ff54ce0be30030fa9ba6f13448966c56294_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:ead329586aa61f94bf8c8a0efb676e8a695fceef5fcacdc568a4a466b492ec5e_s390x as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:ead329586aa61f94bf8c8a0efb676e8a695fceef5fcacdc568a4a466b492ec5e_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:ead329586aa61f94bf8c8a0efb676e8a695fceef5fcacdc568a4a466b492ec5e_s390x",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:f658538471aca8330a9d368f2cd3444416dca9a73e3cfb53b735da6463dcf337_amd64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:f658538471aca8330a9d368f2cd3444416dca9a73e3cfb53b735da6463dcf337_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:f658538471aca8330a9d368f2cd3444416dca9a73e3cfb53b735da6463dcf337_amd64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2c8c4d322736fe778a348e1dcd98f8f580b7f98ea42a651ad8b88c0d63f1b38d_arm64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:2c8c4d322736fe778a348e1dcd98f8f580b7f98ea42a651ad8b88c0d63f1b38d_arm64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:2c8c4d322736fe778a348e1dcd98f8f580b7f98ea42a651ad8b88c0d63f1b38d_arm64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:523a76e2f894264701c5e4c02c70b187abb5b3f58136b91bcafbbae3b48eca84_s390x as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:523a76e2f894264701c5e4c02c70b187abb5b3f58136b91bcafbbae3b48eca84_s390x"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:523a76e2f894264701c5e4c02c70b187abb5b3f58136b91bcafbbae3b48eca84_s390x",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:76e7ce8466895cfc12f4f6a024f54674006eaa92b05534685f04089e13eb1364_ppc64le as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:76e7ce8466895cfc12f4f6a024f54674006eaa92b05534685f04089e13eb1364_ppc64le"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:76e7ce8466895cfc12f4f6a024f54674006eaa92b05534685f04089e13eb1364_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c01d39107b2d2449f86ce893c97e790ea6acfa37e69f7d3b70a795ceacec12b6_amd64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:c01d39107b2d2449f86ce893c97e790ea6acfa37e69f7d3b70a795ceacec12b6_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:c01d39107b2d2449f86ce893c97e790ea6acfa37e69f7d3b70a795ceacec12b6_amd64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:0e76f7330665dc4a4ba52cb6be28f29cb24ed926c583540b721a03bedeb06a6d_s390x as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:0e76f7330665dc4a4ba52cb6be28f29cb24ed926c583540b721a03bedeb06a6d_s390x"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:0e76f7330665dc4a4ba52cb6be28f29cb24ed926c583540b721a03bedeb06a6d_s390x",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:27f63d236f04cc0611fd81168d42e81903eb53671c122dd902b2d3e41f6952bf_ppc64le as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:27f63d236f04cc0611fd81168d42e81903eb53671c122dd902b2d3e41f6952bf_ppc64le"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:27f63d236f04cc0611fd81168d42e81903eb53671c122dd902b2d3e41f6952bf_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:2f61991fbda425d6357195149a4ea8b939a2e6d11e9f15e104c86745d21bd22d_amd64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:2f61991fbda425d6357195149a4ea8b939a2e6d11e9f15e104c86745d21bd22d_amd64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:2f61991fbda425d6357195149a4ea8b939a2e6d11e9f15e104c86745d21bd22d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:decbecdee5ec0f3a4aaf86a95226d6bf24e2d39cf077048465365e54e613b2d3_arm64 as a component of Red Hat OpenShift GitOps 1.10",
"product_id": "8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:decbecdee5ec0f3a4aaf86a95226d6bf24e2d39cf077048465365e54e613b2d3_arm64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:decbecdee5ec0f3a4aaf86a95226d6bf24e2d39cf077048465365e54e613b2d3_arm64",
"relates_to_product_reference": "8Base-GitOps-1.10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29180",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270863"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer\u0027s machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack-dev-middleware: lack of URL validation may lead to file leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in webpack-dev represents a important security issue due to its potential to expose sensitive files and compromise developer machines. By failing to validate URLs and normalize paths effectively, the middleware allows attackers to craft malicious requests that can retrieve arbitrary local files or perform unauthorized path traversal. This could lead to unauthorized access to confidential information, including source code, configuration files, and even system-level files. Given the widespread use of webpack-dev-middleware in web development environments, addressing this vulnerability promptly is important to prevent serious data breaches and protect the integrity of development processes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:141bc9dec57c4c07ba209755e1b43fb99e2afc195f3430842b275b4c4dfcc5f5_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:167a4ec509a83696d014c258d640956c733038ae4a711824e4fdd8b004ba7964_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:53a9bf3139c8915efcf58e72193b652923167d38df5a61d5d5fbafb61b3fab0e_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:db225a8e1d83c11bad04f0aae82cd07013cc8902b5af0394d8be8bca1242ae25_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:6b85a3fc1e590ab008fdb2db4647c3eccf4540eb452c64b4ebd6a61647cbc5b8_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:91476c66096af76505cfc23d46fbcf2478a7417f86d0dedd59e7091088bcf9ef_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:babc6209cd7b170a073cb38d172de4830f8fef038fef17e10044eb41f02cbaa2_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:d4584964c9659370dac81298abb68f7b5c1eef49ad1a18c7996cd6cdac16926e_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:b8a1bb95b79659d5ff896734be4f28bc64c2d61560c473a4a0f1c14b1e18efe5_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:ba13922849da5fcd6a790bee2a8a39270b56ef399d2abbb7663eb698b15993c6_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:cf1e480c838479f8137537ab68ae818d219c40e58008a03214b0e5b6a3046730_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:f01f628665e7a1d3ecca7fe2f86a461fe100d8892c1e6ad848cc63c793585d0f_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:416353d665f078404aeb21c19099f342157e01eab321e50ff052565e036f9b0e_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:c3fcaa38e7883f3573628c1d99bd1cdd0fcb19061371009ab118902269bbf7b3_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:fce845415ec7aad46d57b63fa2ff57d03a902bfde4821ad74b20bfe20d41e389_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:fdb439b295b3903f9f2341929a545366ebb35e38bdb5f609f31678b0edff357e_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-operator-bundle@sha256:ed2a8efb4fc40d2d6a09ceecaa0f16d6bea139e2d7afae6ba85dbae356daf59b_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:365cd33870134af2c4f2413797cf32d3bc0643e93581e9e7b4eede391d4a20e5_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:630b22b7518a2355492d98f7ac5c05610c981f706f707f1bb82c2ad5c0493640_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:957b420874020d5db2a4d4cdfdab41cda7853695cd29494cba78712d01f43cc5_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:f4fed927355e4b6b53448194e5325b209738fc9ba990d02db4cb75653a878113_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:95f09ae4939c63ce698ac4a8b2b4275ebf2c304f3364bfc365c323aafbdd6206_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:b6c20bfad0e77414638d912d7cae7ff54ce0be30030fa9ba6f13448966c56294_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:ead329586aa61f94bf8c8a0efb676e8a695fceef5fcacdc568a4a466b492ec5e_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:f658538471aca8330a9d368f2cd3444416dca9a73e3cfb53b735da6463dcf337_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:2c8c4d322736fe778a348e1dcd98f8f580b7f98ea42a651ad8b88c0d63f1b38d_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:523a76e2f894264701c5e4c02c70b187abb5b3f58136b91bcafbbae3b48eca84_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:76e7ce8466895cfc12f4f6a024f54674006eaa92b05534685f04089e13eb1364_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:c01d39107b2d2449f86ce893c97e790ea6acfa37e69f7d3b70a795ceacec12b6_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:0e76f7330665dc4a4ba52cb6be28f29cb24ed926c583540b721a03bedeb06a6d_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:27f63d236f04cc0611fd81168d42e81903eb53671c122dd902b2d3e41f6952bf_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:2f61991fbda425d6357195149a4ea8b939a2e6d11e9f15e104c86745d21bd22d_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:decbecdee5ec0f3a4aaf86a95226d6bf24e2d39cf077048465365e54e613b2d3_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29180"
},
{
"category": "external",
"summary": "RHBZ#2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6",
"url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-05-10T19:36:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:141bc9dec57c4c07ba209755e1b43fb99e2afc195f3430842b275b4c4dfcc5f5_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:167a4ec509a83696d014c258d640956c733038ae4a711824e4fdd8b004ba7964_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:53a9bf3139c8915efcf58e72193b652923167d38df5a61d5d5fbafb61b3fab0e_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:db225a8e1d83c11bad04f0aae82cd07013cc8902b5af0394d8be8bca1242ae25_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:6b85a3fc1e590ab008fdb2db4647c3eccf4540eb452c64b4ebd6a61647cbc5b8_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:91476c66096af76505cfc23d46fbcf2478a7417f86d0dedd59e7091088bcf9ef_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:babc6209cd7b170a073cb38d172de4830f8fef038fef17e10044eb41f02cbaa2_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:d4584964c9659370dac81298abb68f7b5c1eef49ad1a18c7996cd6cdac16926e_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:b8a1bb95b79659d5ff896734be4f28bc64c2d61560c473a4a0f1c14b1e18efe5_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:ba13922849da5fcd6a790bee2a8a39270b56ef399d2abbb7663eb698b15993c6_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:cf1e480c838479f8137537ab68ae818d219c40e58008a03214b0e5b6a3046730_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:f01f628665e7a1d3ecca7fe2f86a461fe100d8892c1e6ad848cc63c793585d0f_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:416353d665f078404aeb21c19099f342157e01eab321e50ff052565e036f9b0e_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:c3fcaa38e7883f3573628c1d99bd1cdd0fcb19061371009ab118902269bbf7b3_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:fce845415ec7aad46d57b63fa2ff57d03a902bfde4821ad74b20bfe20d41e389_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:fdb439b295b3903f9f2341929a545366ebb35e38bdb5f609f31678b0edff357e_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-operator-bundle@sha256:ed2a8efb4fc40d2d6a09ceecaa0f16d6bea139e2d7afae6ba85dbae356daf59b_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:365cd33870134af2c4f2413797cf32d3bc0643e93581e9e7b4eede391d4a20e5_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:630b22b7518a2355492d98f7ac5c05610c981f706f707f1bb82c2ad5c0493640_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:957b420874020d5db2a4d4cdfdab41cda7853695cd29494cba78712d01f43cc5_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:f4fed927355e4b6b53448194e5325b209738fc9ba990d02db4cb75653a878113_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:95f09ae4939c63ce698ac4a8b2b4275ebf2c304f3364bfc365c323aafbdd6206_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:b6c20bfad0e77414638d912d7cae7ff54ce0be30030fa9ba6f13448966c56294_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:ead329586aa61f94bf8c8a0efb676e8a695fceef5fcacdc568a4a466b492ec5e_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:f658538471aca8330a9d368f2cd3444416dca9a73e3cfb53b735da6463dcf337_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:2c8c4d322736fe778a348e1dcd98f8f580b7f98ea42a651ad8b88c0d63f1b38d_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:523a76e2f894264701c5e4c02c70b187abb5b3f58136b91bcafbbae3b48eca84_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:76e7ce8466895cfc12f4f6a024f54674006eaa92b05534685f04089e13eb1364_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:c01d39107b2d2449f86ce893c97e790ea6acfa37e69f7d3b70a795ceacec12b6_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:0e76f7330665dc4a4ba52cb6be28f29cb24ed926c583540b721a03bedeb06a6d_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:27f63d236f04cc0611fd81168d42e81903eb53671c122dd902b2d3e41f6952bf_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:2f61991fbda425d6357195149a4ea8b939a2e6d11e9f15e104c86745d21bd22d_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:decbecdee5ec0f3a4aaf86a95226d6bf24e2d39cf077048465365e54e613b2d3_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:2817"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:141bc9dec57c4c07ba209755e1b43fb99e2afc195f3430842b275b4c4dfcc5f5_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:167a4ec509a83696d014c258d640956c733038ae4a711824e4fdd8b004ba7964_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:53a9bf3139c8915efcf58e72193b652923167d38df5a61d5d5fbafb61b3fab0e_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:db225a8e1d83c11bad04f0aae82cd07013cc8902b5af0394d8be8bca1242ae25_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:6b85a3fc1e590ab008fdb2db4647c3eccf4540eb452c64b4ebd6a61647cbc5b8_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:91476c66096af76505cfc23d46fbcf2478a7417f86d0dedd59e7091088bcf9ef_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:babc6209cd7b170a073cb38d172de4830f8fef038fef17e10044eb41f02cbaa2_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:d4584964c9659370dac81298abb68f7b5c1eef49ad1a18c7996cd6cdac16926e_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:b8a1bb95b79659d5ff896734be4f28bc64c2d61560c473a4a0f1c14b1e18efe5_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:ba13922849da5fcd6a790bee2a8a39270b56ef399d2abbb7663eb698b15993c6_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:cf1e480c838479f8137537ab68ae818d219c40e58008a03214b0e5b6a3046730_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:f01f628665e7a1d3ecca7fe2f86a461fe100d8892c1e6ad848cc63c793585d0f_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:416353d665f078404aeb21c19099f342157e01eab321e50ff052565e036f9b0e_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:c3fcaa38e7883f3573628c1d99bd1cdd0fcb19061371009ab118902269bbf7b3_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:fce845415ec7aad46d57b63fa2ff57d03a902bfde4821ad74b20bfe20d41e389_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:fdb439b295b3903f9f2341929a545366ebb35e38bdb5f609f31678b0edff357e_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-operator-bundle@sha256:ed2a8efb4fc40d2d6a09ceecaa0f16d6bea139e2d7afae6ba85dbae356daf59b_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:365cd33870134af2c4f2413797cf32d3bc0643e93581e9e7b4eede391d4a20e5_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:630b22b7518a2355492d98f7ac5c05610c981f706f707f1bb82c2ad5c0493640_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:957b420874020d5db2a4d4cdfdab41cda7853695cd29494cba78712d01f43cc5_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:f4fed927355e4b6b53448194e5325b209738fc9ba990d02db4cb75653a878113_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:95f09ae4939c63ce698ac4a8b2b4275ebf2c304f3364bfc365c323aafbdd6206_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:b6c20bfad0e77414638d912d7cae7ff54ce0be30030fa9ba6f13448966c56294_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:ead329586aa61f94bf8c8a0efb676e8a695fceef5fcacdc568a4a466b492ec5e_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:f658538471aca8330a9d368f2cd3444416dca9a73e3cfb53b735da6463dcf337_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:2c8c4d322736fe778a348e1dcd98f8f580b7f98ea42a651ad8b88c0d63f1b38d_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:523a76e2f894264701c5e4c02c70b187abb5b3f58136b91bcafbbae3b48eca84_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:76e7ce8466895cfc12f4f6a024f54674006eaa92b05534685f04089e13eb1364_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:c01d39107b2d2449f86ce893c97e790ea6acfa37e69f7d3b70a795ceacec12b6_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:0e76f7330665dc4a4ba52cb6be28f29cb24ed926c583540b721a03bedeb06a6d_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:27f63d236f04cc0611fd81168d42e81903eb53671c122dd902b2d3e41f6952bf_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:2f61991fbda425d6357195149a4ea8b939a2e6d11e9f15e104c86745d21bd22d_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:decbecdee5ec0f3a4aaf86a95226d6bf24e2d39cf077048465365e54e613b2d3_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:141bc9dec57c4c07ba209755e1b43fb99e2afc195f3430842b275b4c4dfcc5f5_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:167a4ec509a83696d014c258d640956c733038ae4a711824e4fdd8b004ba7964_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:53a9bf3139c8915efcf58e72193b652923167d38df5a61d5d5fbafb61b3fab0e_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/argo-rollouts-rhel8@sha256:db225a8e1d83c11bad04f0aae82cd07013cc8902b5af0394d8be8bca1242ae25_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:6b85a3fc1e590ab008fdb2db4647c3eccf4540eb452c64b4ebd6a61647cbc5b8_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:91476c66096af76505cfc23d46fbcf2478a7417f86d0dedd59e7091088bcf9ef_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:babc6209cd7b170a073cb38d172de4830f8fef038fef17e10044eb41f02cbaa2_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/argocd-rhel8@sha256:d4584964c9659370dac81298abb68f7b5c1eef49ad1a18c7996cd6cdac16926e_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:b8a1bb95b79659d5ff896734be4f28bc64c2d61560c473a4a0f1c14b1e18efe5_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:ba13922849da5fcd6a790bee2a8a39270b56ef399d2abbb7663eb698b15993c6_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:cf1e480c838479f8137537ab68ae818d219c40e58008a03214b0e5b6a3046730_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/console-plugin-rhel8@sha256:f01f628665e7a1d3ecca7fe2f86a461fe100d8892c1e6ad848cc63c793585d0f_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:416353d665f078404aeb21c19099f342157e01eab321e50ff052565e036f9b0e_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:c3fcaa38e7883f3573628c1d99bd1cdd0fcb19061371009ab118902269bbf7b3_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:fce845415ec7aad46d57b63fa2ff57d03a902bfde4821ad74b20bfe20d41e389_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/dex-rhel8@sha256:fdb439b295b3903f9f2341929a545366ebb35e38bdb5f609f31678b0edff357e_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-operator-bundle@sha256:ed2a8efb4fc40d2d6a09ceecaa0f16d6bea139e2d7afae6ba85dbae356daf59b_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:365cd33870134af2c4f2413797cf32d3bc0643e93581e9e7b4eede391d4a20e5_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:630b22b7518a2355492d98f7ac5c05610c981f706f707f1bb82c2ad5c0493640_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:957b420874020d5db2a4d4cdfdab41cda7853695cd29494cba78712d01f43cc5_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8-operator@sha256:f4fed927355e4b6b53448194e5325b209738fc9ba990d02db4cb75653a878113_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:95f09ae4939c63ce698ac4a8b2b4275ebf2c304f3364bfc365c323aafbdd6206_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:b6c20bfad0e77414638d912d7cae7ff54ce0be30030fa9ba6f13448966c56294_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:ead329586aa61f94bf8c8a0efb676e8a695fceef5fcacdc568a4a466b492ec5e_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/gitops-rhel8@sha256:f658538471aca8330a9d368f2cd3444416dca9a73e3cfb53b735da6463dcf337_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:2c8c4d322736fe778a348e1dcd98f8f580b7f98ea42a651ad8b88c0d63f1b38d_arm64",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:523a76e2f894264701c5e4c02c70b187abb5b3f58136b91bcafbbae3b48eca84_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:76e7ce8466895cfc12f4f6a024f54674006eaa92b05534685f04089e13eb1364_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/kam-delivery-rhel8@sha256:c01d39107b2d2449f86ce893c97e790ea6acfa37e69f7d3b70a795ceacec12b6_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:0e76f7330665dc4a4ba52cb6be28f29cb24ed926c583540b721a03bedeb06a6d_s390x",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:27f63d236f04cc0611fd81168d42e81903eb53671c122dd902b2d3e41f6952bf_ppc64le",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:2f61991fbda425d6357195149a4ea8b939a2e6d11e9f15e104c86745d21bd22d_amd64",
"8Base-GitOps-1.10:openshift-gitops-1/must-gather-rhel8@sha256:decbecdee5ec0f3a4aaf86a95226d6bf24e2d39cf077048465365e54e613b2d3_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "webpack-dev-middleware: lack of URL validation may lead to file leak"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.