rhsa-2024_3617
Vulnerability from csaf_redhat
Published
2024-07-01 00:52
Modified
2024-09-16 22:00
Summary
Red Hat Security Advisory: Kube Descheduler Operator for Red Hat OpenShift 5.0.1 for RHEL 9
Notes
Topic
Kube Descheduler Operator for Red Hat OpenShift 5.0.1 for RHEL 9
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
The Kube Descheduler Operator for Red Hat OpenShift is an optional
operator that deploys the descheduler, which is responsible for
evicting pods based on certain strategies.
Security Fix(es):
* golang: html/template: errors returned from MarshalJSON methods may break template escaping (CVE-2024-24785)
* golang: net/mail: comments in display names are incorrectly handled (CVE-2024-24784)
* golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm (CVE-2024-24783)
* golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)
* golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Kube Descheduler Operator for Red Hat OpenShift 5.0.1 for RHEL 9\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Kube Descheduler Operator for Red Hat OpenShift is an optional\noperator that deploys the descheduler, which is responsible for\nevicting pods based on certain strategies.\n\nSecurity Fix(es):\n\n* golang: html/template: errors returned from MarshalJSON methods may break template escaping (CVE-2024-24785)\n* golang: net/mail: comments in display names are incorrectly handled (CVE-2024-24784)\n* golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm (CVE-2024-24783)\n* golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON (CVE-2024-24786)\n* golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:3617",
"url": "https://access.redhat.com/errata/RHSA-2024:3617"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2268017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268017"
},
{
"category": "external",
"summary": "2268019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268019"
},
{
"category": "external",
"summary": "2268021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268021"
},
{
"category": "external",
"summary": "2268022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268022"
},
{
"category": "external",
"summary": "2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "WRKLDS-1059",
"url": "https://issues.redhat.com/browse/WRKLDS-1059"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_3617.json"
}
],
"title": "Red Hat Security Advisory: Kube Descheduler Operator for Red Hat OpenShift 5.0.1 for RHEL 9",
"tracking": {
"current_release_date": "2024-09-16T22:00:37+00:00",
"generator": {
"date": "2024-09-16T22:00:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2024:3617",
"initial_release_date": "2024-07-01T00:52:46+00:00",
"revision_history": [
{
"date": "2024-07-01T00:52:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-07-01T00:52:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T22:00:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "KDO 5.0 for RHEL 9",
"product": {
"name": "KDO 5.0 for RHEL 9",
"product_id": "9Base-KDO-5.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:kube_descheduler_operator:5.0::el9"
}
}
}
],
"category": "product_family",
"name": "Kube Descheduler Operator"
},
{
"branches": [
{
"category": "product_version",
"name": "kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"product": {
"name": "kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"product_id": "kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b?arch=amd64\u0026repository_url=registry.redhat.io/kube-descheduler-operator/descheduler-rhel9\u0026tag=v5.0-31"
}
}
},
{
"category": "product_version",
"name": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"product": {
"name": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"product_id": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89?arch=amd64\u0026repository_url=registry.redhat.io/kube-descheduler-operator/kube-descheduler-operator-bundle\u0026tag=v5.0-23"
}
}
},
{
"category": "product_version",
"name": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"product": {
"name": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"product_id": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351?arch=amd64\u0026repository_url=registry.redhat.io/kube-descheduler-operator/kube-descheduler-rhel9-operator\u0026tag=v5.0-28"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"product": {
"name": "kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"product_id": "kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0?arch=s390x\u0026repository_url=registry.redhat.io/kube-descheduler-operator/descheduler-rhel9\u0026tag=v5.0-31"
}
}
},
{
"category": "product_version",
"name": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"product": {
"name": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"product_id": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821?arch=s390x\u0026repository_url=registry.redhat.io/kube-descheduler-operator/kube-descheduler-operator-bundle\u0026tag=v5.0-23"
}
}
},
{
"category": "product_version",
"name": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"product": {
"name": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"product_id": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8?arch=s390x\u0026repository_url=registry.redhat.io/kube-descheduler-operator/kube-descheduler-rhel9-operator\u0026tag=v5.0-28"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"product": {
"name": "kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"product_id": "kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f?arch=ppc64le\u0026repository_url=registry.redhat.io/kube-descheduler-operator/descheduler-rhel9\u0026tag=v5.0-31"
}
}
},
{
"category": "product_version",
"name": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"product": {
"name": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"product_id": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360?arch=ppc64le\u0026repository_url=registry.redhat.io/kube-descheduler-operator/kube-descheduler-operator-bundle\u0026tag=v5.0-23"
}
}
},
{
"category": "product_version",
"name": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le",
"product": {
"name": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le",
"product_id": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac?arch=ppc64le\u0026repository_url=registry.redhat.io/kube-descheduler-operator/kube-descheduler-rhel9-operator\u0026tag=v5.0-28"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"product": {
"name": "kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"product_id": "kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d?arch=arm64\u0026repository_url=registry.redhat.io/kube-descheduler-operator/descheduler-rhel9\u0026tag=v5.0-31"
}
}
},
{
"category": "product_version",
"name": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"product": {
"name": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"product_id": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab?arch=arm64\u0026repository_url=registry.redhat.io/kube-descheduler-operator/kube-descheduler-operator-bundle\u0026tag=v5.0-23"
}
}
},
{
"category": "product_version",
"name": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"product": {
"name": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"product_id": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35?arch=arm64\u0026repository_url=registry.redhat.io/kube-descheduler-operator/kube-descheduler-rhel9-operator\u0026tag=v5.0-28"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64 as a component of KDO 5.0 for RHEL 9",
"product_id": "9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64"
},
"product_reference": "kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"relates_to_product_reference": "9Base-KDO-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x as a component of KDO 5.0 for RHEL 9",
"product_id": "9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x"
},
"product_reference": "kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"relates_to_product_reference": "9Base-KDO-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64 as a component of KDO 5.0 for RHEL 9",
"product_id": "9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64"
},
"product_reference": "kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"relates_to_product_reference": "9Base-KDO-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le as a component of KDO 5.0 for RHEL 9",
"product_id": "9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le"
},
"product_reference": "kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"relates_to_product_reference": "9Base-KDO-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le as a component of KDO 5.0 for RHEL 9",
"product_id": "9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le"
},
"product_reference": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"relates_to_product_reference": "9Base-KDO-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64 as a component of KDO 5.0 for RHEL 9",
"product_id": "9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64"
},
"product_reference": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"relates_to_product_reference": "9Base-KDO-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64 as a component of KDO 5.0 for RHEL 9",
"product_id": "9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64"
},
"product_reference": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"relates_to_product_reference": "9Base-KDO-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x as a component of KDO 5.0 for RHEL 9",
"product_id": "9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x"
},
"product_reference": "kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"relates_to_product_reference": "9Base-KDO-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64 as a component of KDO 5.0 for RHEL 9",
"product_id": "9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64"
},
"product_reference": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"relates_to_product_reference": "9Base-KDO-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x as a component of KDO 5.0 for RHEL 9",
"product_id": "9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x"
},
"product_reference": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"relates_to_product_reference": "9Base-KDO-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64 as a component of KDO 5.0 for RHEL 9",
"product_id": "9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64"
},
"product_reference": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"relates_to_product_reference": "9Base-KDO-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le as a component of KDO 5.0 for RHEL 9",
"product_id": "9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
},
"product_reference": "kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le",
"relates_to_product_reference": "9Base-KDO-5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-45290",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268017"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Go\u0027s net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This issue permitted a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: memory exhaustion in Request.ParseMultipartForm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45290"
},
{
"category": "external",
"summary": "RHBZ#2268017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268017"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://go.dev/cl/569341",
"url": "https://go.dev/cl/569341"
},
{
"category": "external",
"summary": "https://go.dev/issue/65383",
"url": "https://go.dev/issue/65383"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2599",
"url": "https://pkg.go.dev/vuln/GO-2024-2599"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0004",
"url": "https://security.netapp.com/advisory/ntap-20240329-0004"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.",
"product_ids": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3617"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: memory exhaustion in Request.ParseMultipartForm"
},
{
"cve": "CVE-2024-24783",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268019"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24783"
},
{
"category": "external",
"summary": "RHBZ#2268019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp",
"url": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp"
},
{
"category": "external",
"summary": "https://go.dev/cl/569339",
"url": "https://go.dev/cl/569339"
},
{
"category": "external",
"summary": "https://go.dev/issue/65390",
"url": "https://go.dev/issue/65390"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2598",
"url": "https://pkg.go.dev/vuln/GO-2024-2598"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0005",
"url": "https://security.netapp.com/advisory/ntap-20240329-0005"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.",
"product_ids": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3617"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm"
},
{
"cve": "CVE-2024-24784",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268021"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/mail standard library package. The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using different parsers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/mail: comments in display names are incorrectly handled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24784"
},
{
"category": "external",
"summary": "RHBZ#2268021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268021"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24784",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24784"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.",
"product_ids": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3617"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/mail: comments in display names are incorrectly handled"
},
{
"cve": "CVE-2024-24785",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s html/template standard library package. If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing subsequent actions to inject unexpected content into templates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: errors returned from MarshalJSON methods may break template escaping",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24785"
},
{
"category": "external",
"summary": "RHBZ#2268022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24785"
},
{
"category": "external",
"summary": "https://go.dev/cl/564196",
"url": "https://go.dev/cl/564196"
},
{
"category": "external",
"summary": "https://go.dev/issue/65697",
"url": "https://go.dev/issue/65697"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2024-2610.json",
"url": "https://vuln.go.dev/ID/GO-2024-2610.json"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.",
"product_ids": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3617"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: errors returned from MarshalJSON methods may break template escaping"
},
{
"cve": "CVE-2024-24786",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268046"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24786"
},
{
"category": "external",
"summary": "RHBZ#2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"category": "external",
"summary": "https://go.dev/cl/569356",
"url": "https://go.dev/cl/569356"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
"url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2611",
"url": "https://pkg.go.dev/vuln/GO-2024-2611"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.",
"product_ids": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:3617"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:587190a7b65ea56ce257ae486c0faa6616290fa39f81431359dc2b2d78521b4b_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:62da135a18b602beeef94dcf035d637b149206d017c83d7d630c5001795e1df0_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:664515e8e38df2bb2cb751e8c0870a1bcbbaf46e4feca86002b225c98610a40d_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/descheduler-rhel9@sha256:941359511dc5c78eada7f13f5800cb831bb00924e8007adf93201371f522ab6f_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:5041af3cc040d3e550599e6436bfddd1f449338bb54705273afbc8c4a0dde360_ppc64le",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:b26e5ebec8ffcfaf18c8c4acb8c25a71318ea7d3b372c9e3e170b6026a681a89_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:e4806d2fb547a29e2d33c8c6b2dd7ba2d0c3f23074384884b488077a19aa0bab_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-operator-bundle@sha256:ef62663d2e7fd44ea7705fc60471bfe504522c22e565fb975617eb0f03a2e821_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:0164ab8191aef77765861c677ab8c62ea648468e5be8283652b8200688e9cf35_arm64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:442e22a6292d7696a69d650f7e2f3873a3c3b947f70ccf16b97b70a2f6a7c9b8_s390x",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:93cca62bc492bb590667231b26eb5dd0b2c03d866e3035729029ad4bd7a2d351_amd64",
"9Base-KDO-5.0:kube-descheduler-operator/kube-descheduler-rhel9-operator@sha256:e60edf5aa0893cba72988c09ae340619accd37a7b171e2af873de37c44f449ac_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
}
]
}
Loading...