RHSA-2025:3069
Vulnerability from csaf_redhat - Published: 2025-03-20 08:37 - Updated: 2026-05-21 01:32Summary
Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.14.3 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat OpenShift GitOps v1.14.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Errata Advisory for Red Hat OpenShift GitOps v1.14.3.
Security Fix(es):
* openshift-gitops-argocd-rhel9-container: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto [gitops-1.14](CVE-2024-45337)
* openshift-gitops-container: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto [gitops-1.14](CVE-2024-45337)
* openshift-gitops-argocd-rhel9-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)
* openshift-gitops-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)
* openshift-gitops-operator-bundle-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)
* openshift-gitops-operator-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)
* openshift-gitops-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)
* openshift-gitops-console-plugin-container: Improper input validation in PostCSS [gitops-1.14](CVE-2023-44270)
* openshift-gitops-argo-rollouts-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)
* openshift-gitops-argocd-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)
* openshift-gitops-argocd-rhel9-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)
* openshift-gitops-dex-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)
* openshift-gitops-argocd-container: argument injection via the URL field [gitops-1.14](CVE-2025-21613)
* openshift-gitops-argocd-rhel9-container: go-git clients vulnerable to DoS via maliciously crafted Git server replies [gitops-1.14](CVE-2025-21614)
* openshift-gitops-argocd-container: go-git clients vulnerable to DoS via maliciously crafted Git server replies [gitops-1.14](CVE-2025-21614)
* openshift-gitops-container: go-git clients vulnerable to DoS via maliciously crafted Git server replies [gitops-1.14](CVE-2025-21614)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
There's a flaw in the PostCSS package where it fails to properly validate the input CSS, causing commented lines to be interpreted as code. An attacker may leverage that by crafting a CSS file with comments containing CSS code in order to force PostCSS to include the malicious CSS elements in its output. An successful attack may lead to integrity impact as it may inject elements in a web page when parsing untrusted CSS input.
5.3 (Medium)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.
8.2 (High)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
An argument injection vulnerability was found in go-git. This flaw allows an attacker to set arbitrary values to git-upload-pack flags, leading to command or code execution, exposure of sensitive data, or other unintended behavior. This is only possible in configurations where the file transport protocol is being used.
8.1 (High)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A denial of service (DoS) vulnerability was found in go-git. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which triggers resource exhaustion in go-git clients.
7.5 (High)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was found in Argo CD where secret values can be exposed in error messages when an invalid Kubernetes Secret resource is synced from a repository. An attacker must have write access to the repository and any user with read access can view the exposed data.
6.8 (Medium)
Affected products
Fixed
35 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
55 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift GitOps v1.14.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Errata Advisory for Red Hat OpenShift GitOps v1.14.3.\n\nSecurity Fix(es):\n\n* openshift-gitops-argocd-rhel9-container: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto [gitops-1.14](CVE-2024-45337)\n* openshift-gitops-container: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto [gitops-1.14](CVE-2024-45337)\n* openshift-gitops-argocd-rhel9-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)\n* openshift-gitops-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)\n* openshift-gitops-operator-bundle-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)\n* openshift-gitops-operator-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)\n* openshift-gitops-container: Argo CD does not scrub secret values from patch errors [gitops-1.14](CVE-2025-23216)\n* openshift-gitops-console-plugin-container: Improper input validation in PostCSS [gitops-1.14](CVE-2023-44270)\n* openshift-gitops-argo-rollouts-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)\n* openshift-gitops-argocd-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)\n* openshift-gitops-argocd-rhel9-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)\n* openshift-gitops-dex-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html [gitops-1.14](CVE-2024-45338)\n* openshift-gitops-argocd-container: argument injection via the URL field [gitops-1.14](CVE-2025-21613)\n* openshift-gitops-argocd-rhel9-container: go-git clients vulnerable to DoS via maliciously crafted Git server replies [gitops-1.14](CVE-2025-21614)\n* openshift-gitops-argocd-container: go-git clients vulnerable to DoS via maliciously crafted Git server replies [gitops-1.14](CVE-2025-21614)\n* openshift-gitops-container: go-git clients vulnerable to DoS via maliciously crafted Git server replies [gitops-1.14](CVE-2025-21614)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3069",
"url": "https://access.redhat.com/errata/RHSA-2025:3069"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2326998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326998"
},
{
"category": "external",
"summary": "2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "2335888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335888"
},
{
"category": "external",
"summary": "2335901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335901"
},
{
"category": "external",
"summary": "2342987",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342987"
},
{
"category": "external",
"summary": "GITOPS-5970",
"url": "https://issues.redhat.com/browse/GITOPS-5970"
},
{
"category": "external",
"summary": "GITOPS-5978",
"url": "https://issues.redhat.com/browse/GITOPS-5978"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3069.json"
}
],
"title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.14.3 security update",
"tracking": {
"current_release_date": "2026-05-21T01:32:20+00:00",
"generator": {
"date": "2026-05-21T01:32:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2025:3069",
"initial_release_date": "2025-03-20T08:37:59+00:00",
"revision_history": [
{
"date": "2025-03-20T08:37:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-20T08:37:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-21T01:32:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.14",
"product": {
"name": "Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.14::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.14",
"product": {
"name": "Red Hat OpenShift GitOps 1.14",
"product_id": "9Base-GitOps-1.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.14::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"product": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"product_id": "openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel9\u0026tag=v1.14.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.14.3-4"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.14.3-4"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.14.3-4"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64",
"product_id": "openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel9\u0026tag=v1.14.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.14.3-4"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.14.3-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64"
},
"product_reference": "openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"relates_to_product_reference": "9Base-GitOps-1.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64 as a component of Red Hat OpenShift GitOps 1.14",
"product_id": "9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64",
"relates_to_product_reference": "9Base-GitOps-1.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-44270",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2024-11-18T14:11:50.400987+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2326998"
}
],
"notes": [
{
"category": "description",
"text": "There\u0027s a flaw in the PostCSS package where it fails to properly validate the input CSS, causing commented lines to be interpreted as code. An attacker may leverage that by crafting a CSS file with comments containing CSS code in order to force PostCSS to include the malicious CSS elements in its output. An successful attack may lead to integrity impact as it may inject elements in a web page when parsing untrusted CSS input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "PostCSS: Improper input validation in PostCSS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44270"
},
{
"category": "external",
"summary": "RHBZ#2326998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326998"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44270",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44270"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44270",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44270"
},
{
"category": "external",
"summary": "https://github.com/github/advisory-database/issues/2820",
"url": "https://github.com/github/advisory-database/issues/2820"
},
{
"category": "external",
"summary": "https://github.com/postcss/postcss/blob/main/lib/tokenize.js#L25",
"url": "https://github.com/postcss/postcss/blob/main/lib/tokenize.js#L25"
},
{
"category": "external",
"summary": "https://github.com/postcss/postcss/commit/58cc860b4c1707510c9cd1bc1fa30b423a9ad6c5",
"url": "https://github.com/postcss/postcss/commit/58cc860b4c1707510c9cd1bc1fa30b423a9ad6c5"
},
{
"category": "external",
"summary": "https://github.com/postcss/postcss/releases/tag/8.4.31",
"url": "https://github.com/postcss/postcss/releases/tag/8.4.31"
}
],
"release_date": "2023-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T08:37:59+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3069"
},
{
"category": "workaround",
"details": "There\u0027s no known mitigation for this issue. Red Hat recommends to not parse untrusted CSS input using PostCSS.",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "PostCSS: Improper input validation in PostCSS"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T08:37:59+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3069"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T08:37:59+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3069"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-21613",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2025-01-06T17:00:41.244449+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2335888"
}
],
"notes": [
{
"category": "description",
"text": "An argument injection vulnerability was found in go-git. This flaw allows an attacker to set arbitrary values to git-upload-pack flags, leading to command or code execution, exposure of sensitive data, or other unintended behavior. This is only possible in configurations where the file transport protocol is being used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: argument injection via the URL field",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an argument injection has been discovered in go-git, where an attackers can manipulate git-upload-pack flags, potentially enabling command or code execution leads to an exposure of sensitive data or other unintended actions, this vulnerability occurs exclusively in configurations using the file transport protocol.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-21613"
},
{
"category": "external",
"summary": "RHBZ#2335888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335888"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21613"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3368",
"url": "https://pkg.go.dev/vuln/GO-2025-3368"
}
],
"release_date": "2025-01-06T16:13:10.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T08:37:59+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3069"
},
{
"category": "workaround",
"details": "In cases where it is not possible to update to the latest version of go-git, it is recommended to enforce validation rules for values passed in the URL field.",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "go-git: argument injection via the URL field"
},
{
"cve": "CVE-2025-21614",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-01-06T17:01:36.743039+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2335901"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service (DoS) vulnerability was found in go-git. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which triggers resource exhaustion in go-git clients.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-21614"
},
{
"category": "external",
"summary": "RHBZ#2335901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21614"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-r9px-m959-cxf4",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-r9px-m959-cxf4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3367",
"url": "https://pkg.go.dev/vuln/GO-2025-3367"
}
],
"release_date": "2025-01-06T16:20:16.140000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T08:37:59+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3069"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "go-git: go-git clients vulnerable to DoS via maliciously crafted Git server replies"
},
{
"cve": "CVE-2025-23216",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2025-01-30T16:00:59.817443+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2342987"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Argo CD where secret values can be exposed in error messages when an invalid Kubernetes Secret resource is synced from a repository. An attacker must have write access to the repository and any user with read access can view the exposed data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "argocd: Argo CD does not scrub secret values from patch errors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23216"
},
{
"category": "external",
"summary": "RHBZ#2342987",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342987"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23216",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23216"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23216",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23216"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/commit/6f5537bdf15ddbaa0f27a1a678632ff0743e4107",
"url": "https://github.com/argoproj/argo-cd/commit/6f5537bdf15ddbaa0f27a1a678632ff0743e4107"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-47g2-qmh2-749v",
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-47g2-qmh2-749v"
},
{
"category": "external",
"summary": "https://github.com/argoproj/gitops-engine/commit/7e21b91e9d0f64104c8a661f3f390c5e6d73ddca",
"url": "https://github.com/argoproj/gitops-engine/commit/7e21b91e9d0f64104c8a661f3f390c5e6d73ddca"
}
],
"release_date": "2025-01-30T15:30:05.405000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-20T08:37:59+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3069"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:868a4e993d8963e4fb64c1845f54f916f335d3c59f0596e966c6d926373f6ee1_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:9b883e71b2d12f8872b3a37b383087a488f9b74ddde0e0c6daf6ee04bdf15881_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:bf7f9ca8f33c935df306554b778e5291bcff9e92b7e9122498b0ad71d58b9166_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argo-rollouts-rhel8@sha256:ce0677023395a6d7c9598b820c6eb73b651eaa698aef9f5c27a25884fba5d643_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:04523979e4ab58120d959f88503957b1e13122952e3de03d9f0540f1e574c0d6_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:64df9d55e7196fe56ebab88071f115d7fea26fa4396109bbf3bae11ffbf1f3a5_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:9017ef8967ebe3a14ea1e07d0a9624ef126b2928e233f09451aeea89a7f09366_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/argocd-rhel8@sha256:ecb181ba7dfd4a5cdffa8ba9ca251dc4875ad7f41e9d60c4cc0a3462c233e489_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:050b358e7512599f412fddf711f8731d821223ba76c460b114fe4c4bfaf7cf1b_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:83ba395adbfdae8d4973cea02ead8392089ac1051edd11e7defc6d07a122bca2_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:dc4d641c87a3b65208ef2b46398f64ae69465daeb84b4d1022062d6c5f7347dc_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/console-plugin-rhel8@sha256:e6eba59c8336bde1ed98947b2d4c626feb2113037bc724bd881f25b7f155f47b_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:065b95a1612d15b3a7de1c5822555851535199711cc3890d56d7cb01e01666b3_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:1c59649ad569e25c3445e9655c8061b7f0b769514c0739f2e080216a55ca39c7_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:490512fefae58c6092394c8e751b7c1761583bff23b815e6f1649d55e9d43002_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/dex-rhel8@sha256:605123efdd9f31243e039929322b4a4f6ad160baaebce188fdbf2c4e7ff663ff_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-operator-bundle@sha256:ba442571ef9180765055f5224548c73e3da2be31731f8dd5b6b1beaf3e6732ee_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:1b81b7c26d7a848797f9944254963a89c3f6f0e727355bafcda5e483fee7b848_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:2caf6bd42e10f063d0991740706946d4205bf49540865bd4ed9091176add2aed_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:951de21fc848014beb5db2f7307ef639c6c76ec6eb7036b18c07047c8a914c48_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8-operator@sha256:ed04d67b3bd9ebc21a0aa2503823e5a476da44caa165999a33670198f5d1be37_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:72e761f1d00b0a322d4a7a10c824fe88e4ac7e156a279694b75ce3b42be0b6d6_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d20615c230e1b888bacdc374763eeca9b1f7612741f8ba52ded483ac688b858d_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:d86dcd96af06a338b577d9c940e6316ed9a807b9fc6a33d9f5c96e2b703679b8_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/gitops-rhel8@sha256:f07aa6ccdc324a2631fc01b1f4af4317cdc0471c673bd8f5bf24560e0f012dd9_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:30b687a8309c17d5b4f5be6439b59f2dc540a306d625ee34bdf72626dc36c105_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:62e1ab7267cfd3536c3b2ba9592dffb7fb979cbb039a1a90320a03b751d5f728_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:b5ba9620f23fed74b983a090cec19f6ed74ddffdd1be7d9d89f1201c0c83c1b1_ppc64le",
"8Base-GitOps-1.14:openshift-gitops-1/kam-delivery-rhel8@sha256:c0ec76e307a2867dc1064a3470e17a2e1533233e1a119ce5f32e2b3c07428d08_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:a909f1ebb5cf719e4308bbd162fea14e66b0ad6f7e91163699e8f9cbf61ec852_arm64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:c997c25ec7fee2ce060c6772925548af8d36146ed4632557852a948f496c9823_s390x",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:e543925d538de28ab98c71841a47d4384c4354add0fb3457500aafc618be79d9_amd64",
"8Base-GitOps-1.14:openshift-gitops-1/must-gather-rhel8@sha256:fcbfff3d353947889e627035d1d52d4533ce5713c7e1951d90417bb228499143_ppc64le",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:afe138c16496c84126ecbd5baac4223e61f15ee30ec0249468ed3335ab7d4814_arm64",
"9Base-GitOps-1.14:openshift-gitops-1/argocd-rhel9@sha256:cb21a99b094e4609050927687050d8a95675d212bec76e981635ef192925d8ba_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "argocd: Argo CD does not scrub secret values from patch errors"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…