rhsa-2024_4697
Vulnerability from csaf_redhat
Published
2024-07-22 10:11
Modified
2024-11-13 18:18
Summary
Red Hat Security Advisory: Red Hat build of Cryostat security update
Notes
Topic
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Security Fix(es):
* golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)
* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nSecurity Fix(es):\n\n* golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)\n\n* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:4697", "url": "https://access.redhat.com/errata/RHSA-2024:4697" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2279814", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814" }, { "category": "external", "summary": "2292787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4697.json" } ], "title": "Red Hat Security Advisory: Red Hat build of Cryostat security update", "tracking": { "current_release_date": "2024-11-13T18:18:09+00:00", "generator": { "date": "2024-11-13T18:18:09+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2024:4697", "initial_release_date": "2024-07-22T10:11:20+00:00", "revision_history": [ { "date": "2024-07-22T10:11:20+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-07-22T10:11:20+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-13T18:18:09+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Cryostat 3 on RHEL 8", "product": { "name": "Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3", "product_identification_helper": { "cpe": "cpe:/a:redhat:cryostat:3::el8" } } } ], "category": "product_family", "name": "Cryostat" }, { "branches": [ { "category": "product_version", "name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58_arm64", "product": { "name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58_arm64", "product_id": "cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58_arm64", "product_identification_helper": { "purl": "pkg:oci/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8\u0026tag=3.0.0-7" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c_arm64", "product": { "name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c_arm64", "product_id": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c_arm64", "product_identification_helper": { "purl": "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8\u0026tag=3.0.0-6" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8_arm64", "product": { "name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8_arm64", "product_id": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8_arm64", "product_identification_helper": { "purl": "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8\u0026tag=3.0.0-7" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674_arm64", "product": { "name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674_arm64", "product_id": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674_arm64", "product_identification_helper": { "purl": "pkg:oci/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8\u0026tag=3.0.0-6" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09_arm64", "product": { "name": "cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09_arm64", "product_id": "cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09_arm64", "product_identification_helper": { "purl": "pkg:oci/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8\u0026tag=3.0.0-6" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a_arm64", "product": { "name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a_arm64", "product_id": "cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a_arm64", "product_identification_helper": { "purl": "pkg:oci/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle\u0026tag=3.0.0-6" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34_arm64", "product": { "name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34_arm64", "product_id": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34_arm64", "product_identification_helper": { "purl": "pkg:oci/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator\u0026tag=3.0.0-6" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67_arm64", "product": { "name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67_arm64", "product_id": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67_arm64", "product_identification_helper": { "purl": "pkg:oci/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8\u0026tag=3.0.0-7" } } }, { "category": "product_version", "name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe_arm64", "product": { "name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe_arm64", "product_id": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe_arm64", "product_identification_helper": { "purl": "pkg:oci/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8\u0026tag=3.0.0-6" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22_amd64", "product": { "name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22_amd64", "product_id": "cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8\u0026tag=3.0.0-7" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c_amd64", "product": { "name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c_amd64", "product_id": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8\u0026tag=3.0.0-6" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a_amd64", "product": { "name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a_amd64", "product_id": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8\u0026tag=3.0.0-7" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16_amd64", "product": { "name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16_amd64", "product_id": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8\u0026tag=3.0.0-6" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0_amd64", "product": { "name": "cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0_amd64", "product_id": "cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8\u0026tag=3.0.0-6" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146_amd64", "product": { "name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146_amd64", "product_id": "cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle\u0026tag=3.0.0-6" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182_amd64", "product": { "name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182_amd64", "product_id": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator\u0026tag=3.0.0-6" } } }, { "category": "product_version", "name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4_amd64", "product": { "name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4_amd64", "product_id": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4_amd64", "product_identification_helper": { "purl": "pkg:oci/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8\u0026tag=3.0.0-7" } } }, { "category": "product_version", "name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd_amd64", "product": { "name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd_amd64", "product_id": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd_amd64", "product_identification_helper": { "purl": "pkg:oci/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8\u0026tag=3.0.0-6" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58_arm64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58_arm64" }, "product_reference": "cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58_arm64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22_amd64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22_amd64" }, "product_reference": "cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22_amd64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c_arm64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c_arm64" }, "product_reference": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c_arm64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c_amd64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c_amd64" }, "product_reference": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c_amd64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146_amd64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146_amd64" }, "product_reference": "cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146_amd64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a_arm64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a_arm64" }, "product_reference": "cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a_arm64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a_amd64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a_amd64" }, "product_reference": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a_amd64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8_arm64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8_arm64" }, "product_reference": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8_arm64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16_amd64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16_amd64" }, "product_reference": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16_amd64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674_arm64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674_arm64" }, "product_reference": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674_arm64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182_amd64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182_amd64" }, "product_reference": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182_amd64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34_arm64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34_arm64" }, "product_reference": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34_arm64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0_amd64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0_amd64" }, "product_reference": "cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0_amd64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09_arm64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09_arm64" }, "product_reference": "cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09_arm64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4_amd64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4_amd64" }, "product_reference": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4_amd64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67_arm64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67_arm64" }, "product_reference": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67_arm64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe_arm64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe_arm64" }, "product_reference": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe_arm64", "relates_to_product_reference": "8Base-Cryostat-3" }, { "category": "default_component_of", "full_product_name": { "name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd_amd64 as a component of Cryostat 3 on RHEL 8", "product_id": "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd_amd64" }, "product_reference": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd_amd64", "relates_to_product_reference": "8Base-Cryostat-3" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-24788", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2024-05-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2279814" } ], "notes": [ { "category": "description", "text": "A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net: malformed DNS message can cause infinite loop", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-24788" }, { "category": "external", "summary": "RHBZ#2279814", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24788", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24788" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2024-2824", "url": "https://pkg.go.dev/vuln/GO-2024-2824" } ], "release_date": "2024-05-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-07-22T10:11:20+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:4697" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net: malformed DNS message can cause infinite loop" }, { "cve": "CVE-2024-24790", "cwe": { "id": "CWE-115", "name": "Misinterpretation of Input" }, "discovery_date": "2024-06-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2292787" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn\u0027t behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses", "title": "Vulnerability summary" }, { "category": "other", "text": "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-24790" }, { "category": "external", "summary": "RHBZ#2292787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24790", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24790" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790" } ], "release_date": "2024-06-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-07-22T10:11:20+00:00", "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:4697" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:40623b160d9d1ec30e568a5f2465e973731d7075a75e9494c57f427c80851a58_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:fd46ca2d4426dfb665744232cd43fdf822b1d10ceee56c8a4423eb32f2b02d22_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f32c3f4c83f36f02b43a1134e2b443a15314d514a95920c4a1753fc710b1361c_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:f66483faeac9a40cde6071f8a1dbdb94e7925df468b5726c206d10d25bc2f49c_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:76e44b49523e3d243d1d73d9790d0941213a03f270b1e76afe07c48e51f15146_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:b2691ae75ad89d02d7d746b9ef13706df5036a724a8ac4de6880c056bd969f5a_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:cdf9f0cf5617e77b3aea6e1f5097acfcd48c918c6bb57fc84af7a1f20be40d9a_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:f57d01c58423176fdca76af6b4e6d2672b2f7c2cc093e7da317ee5931093dcf8_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:50099a32dd268be7db0e870819705fee473c3c83f213361d2a1ecf4660287c16_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:e4920c127c4ece8796ace167a6032b6afe7b684731782cfa6e9cf376f660f674_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:13eeb08ff96d003bc6eb05be4ce000a34456f7b101f84a58c95ca0df8cd76182_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:cd80dde7f240ed7d600bd869bc32dadeca137b5ab6d1d6d9e8de5c6b71070c34_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:4a49628cbab41240fbe372971e86b32bb6bbd5fbe7143fbbde903f5f36d0e6e0_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:5e7f6388263e592f90d50283678f48825b280b53a2eba722239c7a77a4451b09_arm64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:653f2cce1486cd628cd9fd679ac308e029a01b8e3a6b284efc35538bc99f87b4_amd64", "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:70c748f3d61253536ee609f0362cce0a1537251bf2ec3d3f4bf7b0d4c002bf67_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:3755f9226007651bfb010ab235f039b715e8268666133eda974fba742372f1fe_arm64", "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:bc318bc151465d4672c6c07d7535bec2e40d97f7c8d158eefff1f63e242212dd_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses" } ] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.