RHSA-2025:3922
Vulnerability from csaf_redhat - Published: 2025-04-15 17:24 - Updated: 2026-01-29 21:38Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.10
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.5.10
This update has a security impact of Moderate. A Common Vulnerability Scoring
System (CVSS) base score, which gives a detailed severity rating, is available
for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service
mesh project, tailored for installation into an OpenShift Container Platform
installation.
Security Fix(es):
* openshift-istio-kiali-rhel8-container: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)
* openshift-istio-kiali-rhel8-container: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec (CVE-2025-22866)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.5.10\n\nThis update has a security impact of Moderate. A Common Vulnerability Scoring\nSystem (CVSS) base score, which gives a detailed severity rating, is available\nfor each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service\nmesh project, tailored for installation into an OpenShift Container Platform\ninstallation.\n\nSecurity Fix(es):\n\n* openshift-istio-kiali-rhel8-container: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)\n* openshift-istio-kiali-rhel8-container: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec (CVE-2025-22866)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:3922",
"url": "https://access.redhat.com/errata/RHSA-2025:3922"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2341751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2341751"
},
{
"category": "external",
"summary": "2344219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344219"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3922.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.10",
"tracking": {
"current_release_date": "2026-01-29T21:38:51+00:00",
"generator": {
"date": "2026-01-29T21:38:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2025:3922",
"initial_release_date": "2025-04-15T17:24:31+00:00",
"revision_history": [
{
"date": "2025-04-15T17:24:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-04-15T17:24:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-29T21:38:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.5 for RHEL 8",
"product": {
"name": "RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:30059f1449c3397fa40946efa91ab009be4d56dda97116e471f62495d94f9446_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:30059f1449c3397fa40946efa91ab009be4d56dda97116e471f62495d94f9446_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:30059f1449c3397fa40946efa91ab009be4d56dda97116e471f62495d94f9446_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:30059f1449c3397fa40946efa91ab009be4d56dda97116e471f62495d94f9446?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.18-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:eee7614663e691a38b9aeb9a3d24edaeab8c14aca913c4a4590f879e94c4f149_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:eee7614663e691a38b9aeb9a3d24edaeab8c14aca913c4a4590f879e94c4f149_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:eee7614663e691a38b9aeb9a3d24edaeab8c14aca913c4a4590f879e94c4f149_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:eee7614663e691a38b9aeb9a3d24edaeab8c14aca913c4a4590f879e94c4f149?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.10-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:d5dbb543c850a8e1e3906b612726833716f456b62a4011b1f8dab9cd22c59c01_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:d5dbb543c850a8e1e3906b612726833716f456b62a4011b1f8dab9cd22c59c01_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:d5dbb543c850a8e1e3906b612726833716f456b62a4011b1f8dab9cd22c59c01_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:d5dbb543c850a8e1e3906b612726833716f456b62a4011b1f8dab9cd22c59c01?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.10-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:d1915eb9104878a80d8dabe2d94d08fb05ebb2fd8f98eeac5db583c6a8523654_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d1915eb9104878a80d8dabe2d94d08fb05ebb2fd8f98eeac5db583c6a8523654_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:d1915eb9104878a80d8dabe2d94d08fb05ebb2fd8f98eeac5db583c6a8523654_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:d1915eb9104878a80d8dabe2d94d08fb05ebb2fd8f98eeac5db583c6a8523654?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.20-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:bde8c5073241fad487f3f649913cf7de45c5d9752038060e5fa068b11509c521_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:bde8c5073241fad487f3f649913cf7de45c5d9752038060e5fa068b11509c521_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:bde8c5073241fad487f3f649913cf7de45c5d9752038060e5fa068b11509c521_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:bde8c5073241fad487f3f649913cf7de45c5d9752038060e5fa068b11509c521?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.10-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:7e56a2232e872992d9445fd40347c92801d32b215c3ecb73ae9667ff6931108a_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:7e56a2232e872992d9445fd40347c92801d32b215c3ecb73ae9667ff6931108a_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:7e56a2232e872992d9445fd40347c92801d32b215c3ecb73ae9667ff6931108a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:7e56a2232e872992d9445fd40347c92801d32b215c3ecb73ae9667ff6931108a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.10-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:80de017468569ad56c876902347a5210259ea37768d68926fc26c247ed57c415_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:80de017468569ad56c876902347a5210259ea37768d68926fc26c247ed57c415_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:80de017468569ad56c876902347a5210259ea37768d68926fc26c247ed57c415_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:80de017468569ad56c876902347a5210259ea37768d68926fc26c247ed57c415?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.10-5"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e7631c53bc0aeb4756aec062bc2af6b6dc10d866c527cda043cb29352e912315_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e7631c53bc0aeb4756aec062bc2af6b6dc10d866c527cda043cb29352e912315_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e7631c53bc0aeb4756aec062bc2af6b6dc10d866c527cda043cb29352e912315_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:e7631c53bc0aeb4756aec062bc2af6b6dc10d866c527cda043cb29352e912315?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.18-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:69d4c2058d655572e30311736a9c8d375a106d6bb5aacd79ef7446ab56709563_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:69d4c2058d655572e30311736a9c8d375a106d6bb5aacd79ef7446ab56709563_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:69d4c2058d655572e30311736a9c8d375a106d6bb5aacd79ef7446ab56709563_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:69d4c2058d655572e30311736a9c8d375a106d6bb5aacd79ef7446ab56709563?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.10-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:b26108c4cef97feb0ae24c1e8339d7bde1713970b784849ca1215b7715d9787c_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:b26108c4cef97feb0ae24c1e8339d7bde1713970b784849ca1215b7715d9787c_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:b26108c4cef97feb0ae24c1e8339d7bde1713970b784849ca1215b7715d9787c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:b26108c4cef97feb0ae24c1e8339d7bde1713970b784849ca1215b7715d9787c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.10-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:84e1ef5d6a8b2819886e931a3571b9d011fe78c1eeb833698fe2097c3a686470_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:84e1ef5d6a8b2819886e931a3571b9d011fe78c1eeb833698fe2097c3a686470_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:84e1ef5d6a8b2819886e931a3571b9d011fe78c1eeb833698fe2097c3a686470_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:84e1ef5d6a8b2819886e931a3571b9d011fe78c1eeb833698fe2097c3a686470?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.20-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:0dbfe58c19fed17005e091d3f436c9929eabd9749befa3631848121ddabe011f_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:0dbfe58c19fed17005e091d3f436c9929eabd9749befa3631848121ddabe011f_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:0dbfe58c19fed17005e091d3f436c9929eabd9749befa3631848121ddabe011f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:0dbfe58c19fed17005e091d3f436c9929eabd9749befa3631848121ddabe011f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.10-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:5dd12b1fd952bd8cb68a387a290a8d72ea7b148d37c2901df8f347193a0b7e42_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:5dd12b1fd952bd8cb68a387a290a8d72ea7b148d37c2901df8f347193a0b7e42_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:5dd12b1fd952bd8cb68a387a290a8d72ea7b148d37c2901df8f347193a0b7e42_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:5dd12b1fd952bd8cb68a387a290a8d72ea7b148d37c2901df8f347193a0b7e42?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.10-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:15ca7df31562c1b3941f2d626566dd9e0fb7f6d6f250eb18ff4588c669b6fb34_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:15ca7df31562c1b3941f2d626566dd9e0fb7f6d6f250eb18ff4588c669b6fb34_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:15ca7df31562c1b3941f2d626566dd9e0fb7f6d6f250eb18ff4588c669b6fb34_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:15ca7df31562c1b3941f2d626566dd9e0fb7f6d6f250eb18ff4588c669b6fb34?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.10-5"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:13dcb4d7d8a4cb0b9d558e5d109ada4edbdd4010d02b684706f5710a141fcc8f_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:13dcb4d7d8a4cb0b9d558e5d109ada4edbdd4010d02b684706f5710a141fcc8f_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:13dcb4d7d8a4cb0b9d558e5d109ada4edbdd4010d02b684706f5710a141fcc8f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:13dcb4d7d8a4cb0b9d558e5d109ada4edbdd4010d02b684706f5710a141fcc8f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.18-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3b92a8c34e3a06bdd1434cadbdb841ec1826a1500da693cfe7e8824142370e14_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3b92a8c34e3a06bdd1434cadbdb841ec1826a1500da693cfe7e8824142370e14_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:3b92a8c34e3a06bdd1434cadbdb841ec1826a1500da693cfe7e8824142370e14_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:3b92a8c34e3a06bdd1434cadbdb841ec1826a1500da693cfe7e8824142370e14?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.10-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:c5d07b8b521b72c1f894dd24c6828dd36d19390917f5bc2667eea4a7dac041fa_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:c5d07b8b521b72c1f894dd24c6828dd36d19390917f5bc2667eea4a7dac041fa_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:c5d07b8b521b72c1f894dd24c6828dd36d19390917f5bc2667eea4a7dac041fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:c5d07b8b521b72c1f894dd24c6828dd36d19390917f5bc2667eea4a7dac041fa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.10-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:f808b2e9c12c0380686af71f5a87b39f611be4a694523d65ca87479a8f105c96_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:f808b2e9c12c0380686af71f5a87b39f611be4a694523d65ca87479a8f105c96_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:f808b2e9c12c0380686af71f5a87b39f611be4a694523d65ca87479a8f105c96_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:f808b2e9c12c0380686af71f5a87b39f611be4a694523d65ca87479a8f105c96?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.20-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:f0a183a03e2a2159b7f4de429e64da43fe3ea8baa58aa5582177d8809f55d259_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:f0a183a03e2a2159b7f4de429e64da43fe3ea8baa58aa5582177d8809f55d259_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:f0a183a03e2a2159b7f4de429e64da43fe3ea8baa58aa5582177d8809f55d259_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:f0a183a03e2a2159b7f4de429e64da43fe3ea8baa58aa5582177d8809f55d259?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.10-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:59b5667d37aa167350f70d8d4c353c00bb5948dc82aab6860a49989f85bdbf86_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:59b5667d37aa167350f70d8d4c353c00bb5948dc82aab6860a49989f85bdbf86_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:59b5667d37aa167350f70d8d4c353c00bb5948dc82aab6860a49989f85bdbf86_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:59b5667d37aa167350f70d8d4c353c00bb5948dc82aab6860a49989f85bdbf86?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.10-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:43dd45558fabc8c174a15cfee660494dab76f324472c5a3ac58377c66b212b91_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:43dd45558fabc8c174a15cfee660494dab76f324472c5a3ac58377c66b212b91_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:43dd45558fabc8c174a15cfee660494dab76f324472c5a3ac58377c66b212b91_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:43dd45558fabc8c174a15cfee660494dab76f324472c5a3ac58377c66b212b91?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.10-5"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:5bfcc66f0dcaa577496389ba4a9d768c8d7e2b23dab37e8a654b23e55b4196de_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:5bfcc66f0dcaa577496389ba4a9d768c8d7e2b23dab37e8a654b23e55b4196de_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:5bfcc66f0dcaa577496389ba4a9d768c8d7e2b23dab37e8a654b23e55b4196de_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:5bfcc66f0dcaa577496389ba4a9d768c8d7e2b23dab37e8a654b23e55b4196de?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.18-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ce581d6ca8b4a780b9725c794cb20e86b944a346babffa2c06189d6b712335f2_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ce581d6ca8b4a780b9725c794cb20e86b944a346babffa2c06189d6b712335f2_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:ce581d6ca8b4a780b9725c794cb20e86b944a346babffa2c06189d6b712335f2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:ce581d6ca8b4a780b9725c794cb20e86b944a346babffa2c06189d6b712335f2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.10-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:4ca2cc3742e64531273fc1b35511fffe352e65a5527ae041c7bf2075f5b29911_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:4ca2cc3742e64531273fc1b35511fffe352e65a5527ae041c7bf2075f5b29911_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:4ca2cc3742e64531273fc1b35511fffe352e65a5527ae041c7bf2075f5b29911_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:4ca2cc3742e64531273fc1b35511fffe352e65a5527ae041c7bf2075f5b29911?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.10-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:c415dd0b81e26dbcc2b8d03aff026e02c04d0145dd2fed95a4f48802d8aa422d_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c415dd0b81e26dbcc2b8d03aff026e02c04d0145dd2fed95a4f48802d8aa422d_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:c415dd0b81e26dbcc2b8d03aff026e02c04d0145dd2fed95a4f48802d8aa422d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:c415dd0b81e26dbcc2b8d03aff026e02c04d0145dd2fed95a4f48802d8aa422d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.20-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:a88a232308fc41065171f1bc00d2732c3f3f20316017fa9756335d4bef9e0a9d_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:a88a232308fc41065171f1bc00d2732c3f3f20316017fa9756335d4bef9e0a9d_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:a88a232308fc41065171f1bc00d2732c3f3f20316017fa9756335d4bef9e0a9d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:a88a232308fc41065171f1bc00d2732c3f3f20316017fa9756335d4bef9e0a9d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.10-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:7f3779207257346928fb1fc887eb53a7bcc1036068497c34081511274ab16693_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:7f3779207257346928fb1fc887eb53a7bcc1036068497c34081511274ab16693_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:7f3779207257346928fb1fc887eb53a7bcc1036068497c34081511274ab16693_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:7f3779207257346928fb1fc887eb53a7bcc1036068497c34081511274ab16693?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.10-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:95ffba5e1be1911ebaa7e29b7af35a2fc1f6e42deaf09d28ce5af3663b9179af_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:95ffba5e1be1911ebaa7e29b7af35a2fc1f6e42deaf09d28ce5af3663b9179af_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:95ffba5e1be1911ebaa7e29b7af35a2fc1f6e42deaf09d28ce5af3663b9179af_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:95ffba5e1be1911ebaa7e29b7af35a2fc1f6e42deaf09d28ce5af3663b9179af?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.10-5"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:4ca2cc3742e64531273fc1b35511fffe352e65a5527ae041c7bf2075f5b29911_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4ca2cc3742e64531273fc1b35511fffe352e65a5527ae041c7bf2075f5b29911_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:4ca2cc3742e64531273fc1b35511fffe352e65a5527ae041c7bf2075f5b29911_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:b26108c4cef97feb0ae24c1e8339d7bde1713970b784849ca1215b7715d9787c_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b26108c4cef97feb0ae24c1e8339d7bde1713970b784849ca1215b7715d9787c_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:b26108c4cef97feb0ae24c1e8339d7bde1713970b784849ca1215b7715d9787c_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:c5d07b8b521b72c1f894dd24c6828dd36d19390917f5bc2667eea4a7dac041fa_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c5d07b8b521b72c1f894dd24c6828dd36d19390917f5bc2667eea4a7dac041fa_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:c5d07b8b521b72c1f894dd24c6828dd36d19390917f5bc2667eea4a7dac041fa_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:d5dbb543c850a8e1e3906b612726833716f456b62a4011b1f8dab9cd22c59c01_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:d5dbb543c850a8e1e3906b612726833716f456b62a4011b1f8dab9cd22c59c01_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:d5dbb543c850a8e1e3906b612726833716f456b62a4011b1f8dab9cd22c59c01_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3b92a8c34e3a06bdd1434cadbdb841ec1826a1500da693cfe7e8824142370e14_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3b92a8c34e3a06bdd1434cadbdb841ec1826a1500da693cfe7e8824142370e14_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:3b92a8c34e3a06bdd1434cadbdb841ec1826a1500da693cfe7e8824142370e14_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:69d4c2058d655572e30311736a9c8d375a106d6bb5aacd79ef7446ab56709563_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:69d4c2058d655572e30311736a9c8d375a106d6bb5aacd79ef7446ab56709563_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:69d4c2058d655572e30311736a9c8d375a106d6bb5aacd79ef7446ab56709563_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:ce581d6ca8b4a780b9725c794cb20e86b944a346babffa2c06189d6b712335f2_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ce581d6ca8b4a780b9725c794cb20e86b944a346babffa2c06189d6b712335f2_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:ce581d6ca8b4a780b9725c794cb20e86b944a346babffa2c06189d6b712335f2_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:eee7614663e691a38b9aeb9a3d24edaeab8c14aca913c4a4590f879e94c4f149_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:eee7614663e691a38b9aeb9a3d24edaeab8c14aca913c4a4590f879e94c4f149_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:eee7614663e691a38b9aeb9a3d24edaeab8c14aca913c4a4590f879e94c4f149_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:13dcb4d7d8a4cb0b9d558e5d109ada4edbdd4010d02b684706f5710a141fcc8f_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:13dcb4d7d8a4cb0b9d558e5d109ada4edbdd4010d02b684706f5710a141fcc8f_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:13dcb4d7d8a4cb0b9d558e5d109ada4edbdd4010d02b684706f5710a141fcc8f_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:30059f1449c3397fa40946efa91ab009be4d56dda97116e471f62495d94f9446_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:30059f1449c3397fa40946efa91ab009be4d56dda97116e471f62495d94f9446_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:30059f1449c3397fa40946efa91ab009be4d56dda97116e471f62495d94f9446_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:5bfcc66f0dcaa577496389ba4a9d768c8d7e2b23dab37e8a654b23e55b4196de_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:5bfcc66f0dcaa577496389ba4a9d768c8d7e2b23dab37e8a654b23e55b4196de_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:5bfcc66f0dcaa577496389ba4a9d768c8d7e2b23dab37e8a654b23e55b4196de_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e7631c53bc0aeb4756aec062bc2af6b6dc10d866c527cda043cb29352e912315_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e7631c53bc0aeb4756aec062bc2af6b6dc10d866c527cda043cb29352e912315_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e7631c53bc0aeb4756aec062bc2af6b6dc10d866c527cda043cb29352e912315_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:84e1ef5d6a8b2819886e931a3571b9d011fe78c1eeb833698fe2097c3a686470_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:84e1ef5d6a8b2819886e931a3571b9d011fe78c1eeb833698fe2097c3a686470_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:84e1ef5d6a8b2819886e931a3571b9d011fe78c1eeb833698fe2097c3a686470_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c415dd0b81e26dbcc2b8d03aff026e02c04d0145dd2fed95a4f48802d8aa422d_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c415dd0b81e26dbcc2b8d03aff026e02c04d0145dd2fed95a4f48802d8aa422d_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:c415dd0b81e26dbcc2b8d03aff026e02c04d0145dd2fed95a4f48802d8aa422d_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d1915eb9104878a80d8dabe2d94d08fb05ebb2fd8f98eeac5db583c6a8523654_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d1915eb9104878a80d8dabe2d94d08fb05ebb2fd8f98eeac5db583c6a8523654_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:d1915eb9104878a80d8dabe2d94d08fb05ebb2fd8f98eeac5db583c6a8523654_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:f808b2e9c12c0380686af71f5a87b39f611be4a694523d65ca87479a8f105c96_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:f808b2e9c12c0380686af71f5a87b39f611be4a694523d65ca87479a8f105c96_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:f808b2e9c12c0380686af71f5a87b39f611be4a694523d65ca87479a8f105c96_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:0dbfe58c19fed17005e091d3f436c9929eabd9749befa3631848121ddabe011f_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0dbfe58c19fed17005e091d3f436c9929eabd9749befa3631848121ddabe011f_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:0dbfe58c19fed17005e091d3f436c9929eabd9749befa3631848121ddabe011f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:a88a232308fc41065171f1bc00d2732c3f3f20316017fa9756335d4bef9e0a9d_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:a88a232308fc41065171f1bc00d2732c3f3f20316017fa9756335d4bef9e0a9d_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:a88a232308fc41065171f1bc00d2732c3f3f20316017fa9756335d4bef9e0a9d_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:bde8c5073241fad487f3f649913cf7de45c5d9752038060e5fa068b11509c521_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:bde8c5073241fad487f3f649913cf7de45c5d9752038060e5fa068b11509c521_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:bde8c5073241fad487f3f649913cf7de45c5d9752038060e5fa068b11509c521_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:f0a183a03e2a2159b7f4de429e64da43fe3ea8baa58aa5582177d8809f55d259_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:f0a183a03e2a2159b7f4de429e64da43fe3ea8baa58aa5582177d8809f55d259_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:f0a183a03e2a2159b7f4de429e64da43fe3ea8baa58aa5582177d8809f55d259_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:59b5667d37aa167350f70d8d4c353c00bb5948dc82aab6860a49989f85bdbf86_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:59b5667d37aa167350f70d8d4c353c00bb5948dc82aab6860a49989f85bdbf86_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:59b5667d37aa167350f70d8d4c353c00bb5948dc82aab6860a49989f85bdbf86_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:5dd12b1fd952bd8cb68a387a290a8d72ea7b148d37c2901df8f347193a0b7e42_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:5dd12b1fd952bd8cb68a387a290a8d72ea7b148d37c2901df8f347193a0b7e42_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:5dd12b1fd952bd8cb68a387a290a8d72ea7b148d37c2901df8f347193a0b7e42_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:7e56a2232e872992d9445fd40347c92801d32b215c3ecb73ae9667ff6931108a_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:7e56a2232e872992d9445fd40347c92801d32b215c3ecb73ae9667ff6931108a_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:7e56a2232e872992d9445fd40347c92801d32b215c3ecb73ae9667ff6931108a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:7f3779207257346928fb1fc887eb53a7bcc1036068497c34081511274ab16693_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:7f3779207257346928fb1fc887eb53a7bcc1036068497c34081511274ab16693_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:7f3779207257346928fb1fc887eb53a7bcc1036068497c34081511274ab16693_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:15ca7df31562c1b3941f2d626566dd9e0fb7f6d6f250eb18ff4588c669b6fb34_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:15ca7df31562c1b3941f2d626566dd9e0fb7f6d6f250eb18ff4588c669b6fb34_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:15ca7df31562c1b3941f2d626566dd9e0fb7f6d6f250eb18ff4588c669b6fb34_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:43dd45558fabc8c174a15cfee660494dab76f324472c5a3ac58377c66b212b91_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:43dd45558fabc8c174a15cfee660494dab76f324472c5a3ac58377c66b212b91_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:43dd45558fabc8c174a15cfee660494dab76f324472c5a3ac58377c66b212b91_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:80de017468569ad56c876902347a5210259ea37768d68926fc26c247ed57c415_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:80de017468569ad56c876902347a5210259ea37768d68926fc26c247ed57c415_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:80de017468569ad56c876902347a5210259ea37768d68926fc26c247ed57c415_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:95ffba5e1be1911ebaa7e29b7af35a2fc1f6e42deaf09d28ce5af3663b9179af_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:95ffba5e1be1911ebaa7e29b7af35a2fc1f6e42deaf09d28ce5af3663b9179af_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:95ffba5e1be1911ebaa7e29b7af35a2fc1f6e42deaf09d28ce5af3663b9179af_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45336",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2025-01-23T12:57:38.123000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4ca2cc3742e64531273fc1b35511fffe352e65a5527ae041c7bf2075f5b29911_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b26108c4cef97feb0ae24c1e8339d7bde1713970b784849ca1215b7715d9787c_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c5d07b8b521b72c1f894dd24c6828dd36d19390917f5bc2667eea4a7dac041fa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:d5dbb543c850a8e1e3906b612726833716f456b62a4011b1f8dab9cd22c59c01_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3b92a8c34e3a06bdd1434cadbdb841ec1826a1500da693cfe7e8824142370e14_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:69d4c2058d655572e30311736a9c8d375a106d6bb5aacd79ef7446ab56709563_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ce581d6ca8b4a780b9725c794cb20e86b944a346babffa2c06189d6b712335f2_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:eee7614663e691a38b9aeb9a3d24edaeab8c14aca913c4a4590f879e94c4f149_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:13dcb4d7d8a4cb0b9d558e5d109ada4edbdd4010d02b684706f5710a141fcc8f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:30059f1449c3397fa40946efa91ab009be4d56dda97116e471f62495d94f9446_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:5bfcc66f0dcaa577496389ba4a9d768c8d7e2b23dab37e8a654b23e55b4196de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e7631c53bc0aeb4756aec062bc2af6b6dc10d866c527cda043cb29352e912315_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0dbfe58c19fed17005e091d3f436c9929eabd9749befa3631848121ddabe011f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:a88a232308fc41065171f1bc00d2732c3f3f20316017fa9756335d4bef9e0a9d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:bde8c5073241fad487f3f649913cf7de45c5d9752038060e5fa068b11509c521_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:f0a183a03e2a2159b7f4de429e64da43fe3ea8baa58aa5582177d8809f55d259_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:59b5667d37aa167350f70d8d4c353c00bb5948dc82aab6860a49989f85bdbf86_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:5dd12b1fd952bd8cb68a387a290a8d72ea7b148d37c2901df8f347193a0b7e42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:7e56a2232e872992d9445fd40347c92801d32b215c3ecb73ae9667ff6931108a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:7f3779207257346928fb1fc887eb53a7bcc1036068497c34081511274ab16693_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:15ca7df31562c1b3941f2d626566dd9e0fb7f6d6f250eb18ff4588c669b6fb34_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:43dd45558fabc8c174a15cfee660494dab76f324472c5a3ac58377c66b212b91_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:80de017468569ad56c876902347a5210259ea37768d68926fc26c247ed57c415_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:95ffba5e1be1911ebaa7e29b7af35a2fc1f6e42deaf09d28ce5af3663b9179af_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2341751"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http package of the Golang standard library. The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to `a.com/` containing an Authorization header redirected to `b.com/` will not send that header to `b.com`. However, the sensitive headers would be restored if the client received a subsequent same-domain redirect. For example, a chain of redirects from `a.com/`, to `b.com/1`, and finally to `b.com/2` would incorrectly send the Authorization header to `b.com/2`.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:84e1ef5d6a8b2819886e931a3571b9d011fe78c1eeb833698fe2097c3a686470_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c415dd0b81e26dbcc2b8d03aff026e02c04d0145dd2fed95a4f48802d8aa422d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d1915eb9104878a80d8dabe2d94d08fb05ebb2fd8f98eeac5db583c6a8523654_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:f808b2e9c12c0380686af71f5a87b39f611be4a694523d65ca87479a8f105c96_ppc64le"
],
"known_not_affected": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4ca2cc3742e64531273fc1b35511fffe352e65a5527ae041c7bf2075f5b29911_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b26108c4cef97feb0ae24c1e8339d7bde1713970b784849ca1215b7715d9787c_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c5d07b8b521b72c1f894dd24c6828dd36d19390917f5bc2667eea4a7dac041fa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:d5dbb543c850a8e1e3906b612726833716f456b62a4011b1f8dab9cd22c59c01_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3b92a8c34e3a06bdd1434cadbdb841ec1826a1500da693cfe7e8824142370e14_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:69d4c2058d655572e30311736a9c8d375a106d6bb5aacd79ef7446ab56709563_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ce581d6ca8b4a780b9725c794cb20e86b944a346babffa2c06189d6b712335f2_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:eee7614663e691a38b9aeb9a3d24edaeab8c14aca913c4a4590f879e94c4f149_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:13dcb4d7d8a4cb0b9d558e5d109ada4edbdd4010d02b684706f5710a141fcc8f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:30059f1449c3397fa40946efa91ab009be4d56dda97116e471f62495d94f9446_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:5bfcc66f0dcaa577496389ba4a9d768c8d7e2b23dab37e8a654b23e55b4196de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e7631c53bc0aeb4756aec062bc2af6b6dc10d866c527cda043cb29352e912315_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0dbfe58c19fed17005e091d3f436c9929eabd9749befa3631848121ddabe011f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:a88a232308fc41065171f1bc00d2732c3f3f20316017fa9756335d4bef9e0a9d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:bde8c5073241fad487f3f649913cf7de45c5d9752038060e5fa068b11509c521_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:f0a183a03e2a2159b7f4de429e64da43fe3ea8baa58aa5582177d8809f55d259_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:59b5667d37aa167350f70d8d4c353c00bb5948dc82aab6860a49989f85bdbf86_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:5dd12b1fd952bd8cb68a387a290a8d72ea7b148d37c2901df8f347193a0b7e42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:7e56a2232e872992d9445fd40347c92801d32b215c3ecb73ae9667ff6931108a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:7f3779207257346928fb1fc887eb53a7bcc1036068497c34081511274ab16693_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:15ca7df31562c1b3941f2d626566dd9e0fb7f6d6f250eb18ff4588c669b6fb34_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:43dd45558fabc8c174a15cfee660494dab76f324472c5a3ac58377c66b212b91_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:80de017468569ad56c876902347a5210259ea37768d68926fc26c247ed57c415_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:95ffba5e1be1911ebaa7e29b7af35a2fc1f6e42deaf09d28ce5af3663b9179af_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45336"
},
{
"category": "external",
"summary": "RHBZ#2341751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2341751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45336",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45336"
}
],
"release_date": "2025-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-04-15T17:24:31+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:84e1ef5d6a8b2819886e931a3571b9d011fe78c1eeb833698fe2097c3a686470_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c415dd0b81e26dbcc2b8d03aff026e02c04d0145dd2fed95a4f48802d8aa422d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d1915eb9104878a80d8dabe2d94d08fb05ebb2fd8f98eeac5db583c6a8523654_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:f808b2e9c12c0380686af71f5a87b39f611be4a694523d65ca87479a8f105c96_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3922"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4ca2cc3742e64531273fc1b35511fffe352e65a5527ae041c7bf2075f5b29911_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b26108c4cef97feb0ae24c1e8339d7bde1713970b784849ca1215b7715d9787c_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c5d07b8b521b72c1f894dd24c6828dd36d19390917f5bc2667eea4a7dac041fa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:d5dbb543c850a8e1e3906b612726833716f456b62a4011b1f8dab9cd22c59c01_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3b92a8c34e3a06bdd1434cadbdb841ec1826a1500da693cfe7e8824142370e14_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:69d4c2058d655572e30311736a9c8d375a106d6bb5aacd79ef7446ab56709563_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ce581d6ca8b4a780b9725c794cb20e86b944a346babffa2c06189d6b712335f2_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:eee7614663e691a38b9aeb9a3d24edaeab8c14aca913c4a4590f879e94c4f149_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:13dcb4d7d8a4cb0b9d558e5d109ada4edbdd4010d02b684706f5710a141fcc8f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:30059f1449c3397fa40946efa91ab009be4d56dda97116e471f62495d94f9446_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:5bfcc66f0dcaa577496389ba4a9d768c8d7e2b23dab37e8a654b23e55b4196de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e7631c53bc0aeb4756aec062bc2af6b6dc10d866c527cda043cb29352e912315_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:84e1ef5d6a8b2819886e931a3571b9d011fe78c1eeb833698fe2097c3a686470_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c415dd0b81e26dbcc2b8d03aff026e02c04d0145dd2fed95a4f48802d8aa422d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d1915eb9104878a80d8dabe2d94d08fb05ebb2fd8f98eeac5db583c6a8523654_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:f808b2e9c12c0380686af71f5a87b39f611be4a694523d65ca87479a8f105c96_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0dbfe58c19fed17005e091d3f436c9929eabd9749befa3631848121ddabe011f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:a88a232308fc41065171f1bc00d2732c3f3f20316017fa9756335d4bef9e0a9d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:bde8c5073241fad487f3f649913cf7de45c5d9752038060e5fa068b11509c521_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:f0a183a03e2a2159b7f4de429e64da43fe3ea8baa58aa5582177d8809f55d259_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:59b5667d37aa167350f70d8d4c353c00bb5948dc82aab6860a49989f85bdbf86_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:5dd12b1fd952bd8cb68a387a290a8d72ea7b148d37c2901df8f347193a0b7e42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:7e56a2232e872992d9445fd40347c92801d32b215c3ecb73ae9667ff6931108a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:7f3779207257346928fb1fc887eb53a7bcc1036068497c34081511274ab16693_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:15ca7df31562c1b3941f2d626566dd9e0fb7f6d6f250eb18ff4588c669b6fb34_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:43dd45558fabc8c174a15cfee660494dab76f324472c5a3ac58377c66b212b91_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:80de017468569ad56c876902347a5210259ea37768d68926fc26c247ed57c415_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:95ffba5e1be1911ebaa7e29b7af35a2fc1f6e42deaf09d28ce5af3663b9179af_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect"
},
{
"cve": "CVE-2025-22866",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2025-02-06T17:00:56.155646+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4ca2cc3742e64531273fc1b35511fffe352e65a5527ae041c7bf2075f5b29911_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b26108c4cef97feb0ae24c1e8339d7bde1713970b784849ca1215b7715d9787c_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c5d07b8b521b72c1f894dd24c6828dd36d19390917f5bc2667eea4a7dac041fa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:d5dbb543c850a8e1e3906b612726833716f456b62a4011b1f8dab9cd22c59c01_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3b92a8c34e3a06bdd1434cadbdb841ec1826a1500da693cfe7e8824142370e14_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:69d4c2058d655572e30311736a9c8d375a106d6bb5aacd79ef7446ab56709563_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ce581d6ca8b4a780b9725c794cb20e86b944a346babffa2c06189d6b712335f2_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:eee7614663e691a38b9aeb9a3d24edaeab8c14aca913c4a4590f879e94c4f149_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:13dcb4d7d8a4cb0b9d558e5d109ada4edbdd4010d02b684706f5710a141fcc8f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:30059f1449c3397fa40946efa91ab009be4d56dda97116e471f62495d94f9446_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:5bfcc66f0dcaa577496389ba4a9d768c8d7e2b23dab37e8a654b23e55b4196de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e7631c53bc0aeb4756aec062bc2af6b6dc10d866c527cda043cb29352e912315_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0dbfe58c19fed17005e091d3f436c9929eabd9749befa3631848121ddabe011f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:a88a232308fc41065171f1bc00d2732c3f3f20316017fa9756335d4bef9e0a9d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:bde8c5073241fad487f3f649913cf7de45c5d9752038060e5fa068b11509c521_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:f0a183a03e2a2159b7f4de429e64da43fe3ea8baa58aa5582177d8809f55d259_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:59b5667d37aa167350f70d8d4c353c00bb5948dc82aab6860a49989f85bdbf86_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:5dd12b1fd952bd8cb68a387a290a8d72ea7b148d37c2901df8f347193a0b7e42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:7e56a2232e872992d9445fd40347c92801d32b215c3ecb73ae9667ff6931108a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:7f3779207257346928fb1fc887eb53a7bcc1036068497c34081511274ab16693_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:15ca7df31562c1b3941f2d626566dd9e0fb7f6d6f250eb18ff4588c669b6fb34_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:43dd45558fabc8c174a15cfee660494dab76f324472c5a3ac58377c66b212b91_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:80de017468569ad56c876902347a5210259ea37768d68926fc26c247ed57c415_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:95ffba5e1be1911ebaa7e29b7af35a2fc1f6e42deaf09d28ce5af3663b9179af_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2344219"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Golang crypto/internal/nistec package. Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Considering how this function is used, this leakage is likely insufficient to recover the private key when P-256 is used in any well-known protocols.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:84e1ef5d6a8b2819886e931a3571b9d011fe78c1eeb833698fe2097c3a686470_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c415dd0b81e26dbcc2b8d03aff026e02c04d0145dd2fed95a4f48802d8aa422d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d1915eb9104878a80d8dabe2d94d08fb05ebb2fd8f98eeac5db583c6a8523654_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:f808b2e9c12c0380686af71f5a87b39f611be4a694523d65ca87479a8f105c96_ppc64le"
],
"known_not_affected": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4ca2cc3742e64531273fc1b35511fffe352e65a5527ae041c7bf2075f5b29911_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b26108c4cef97feb0ae24c1e8339d7bde1713970b784849ca1215b7715d9787c_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c5d07b8b521b72c1f894dd24c6828dd36d19390917f5bc2667eea4a7dac041fa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:d5dbb543c850a8e1e3906b612726833716f456b62a4011b1f8dab9cd22c59c01_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3b92a8c34e3a06bdd1434cadbdb841ec1826a1500da693cfe7e8824142370e14_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:69d4c2058d655572e30311736a9c8d375a106d6bb5aacd79ef7446ab56709563_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ce581d6ca8b4a780b9725c794cb20e86b944a346babffa2c06189d6b712335f2_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:eee7614663e691a38b9aeb9a3d24edaeab8c14aca913c4a4590f879e94c4f149_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:13dcb4d7d8a4cb0b9d558e5d109ada4edbdd4010d02b684706f5710a141fcc8f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:30059f1449c3397fa40946efa91ab009be4d56dda97116e471f62495d94f9446_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:5bfcc66f0dcaa577496389ba4a9d768c8d7e2b23dab37e8a654b23e55b4196de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e7631c53bc0aeb4756aec062bc2af6b6dc10d866c527cda043cb29352e912315_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0dbfe58c19fed17005e091d3f436c9929eabd9749befa3631848121ddabe011f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:a88a232308fc41065171f1bc00d2732c3f3f20316017fa9756335d4bef9e0a9d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:bde8c5073241fad487f3f649913cf7de45c5d9752038060e5fa068b11509c521_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:f0a183a03e2a2159b7f4de429e64da43fe3ea8baa58aa5582177d8809f55d259_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:59b5667d37aa167350f70d8d4c353c00bb5948dc82aab6860a49989f85bdbf86_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:5dd12b1fd952bd8cb68a387a290a8d72ea7b148d37c2901df8f347193a0b7e42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:7e56a2232e872992d9445fd40347c92801d32b215c3ecb73ae9667ff6931108a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:7f3779207257346928fb1fc887eb53a7bcc1036068497c34081511274ab16693_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:15ca7df31562c1b3941f2d626566dd9e0fb7f6d6f250eb18ff4588c669b6fb34_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:43dd45558fabc8c174a15cfee660494dab76f324472c5a3ac58377c66b212b91_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:80de017468569ad56c876902347a5210259ea37768d68926fc26c247ed57c415_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:95ffba5e1be1911ebaa7e29b7af35a2fc1f6e42deaf09d28ce5af3663b9179af_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22866"
},
{
"category": "external",
"summary": "RHBZ#2344219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344219"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22866",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22866"
},
{
"category": "external",
"summary": "https://go.dev/cl/643735",
"url": "https://go.dev/cl/643735"
},
{
"category": "external",
"summary": "https://go.dev/issue/71383",
"url": "https://go.dev/issue/71383"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k",
"url": "https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3447",
"url": "https://pkg.go.dev/vuln/GO-2025-3447"
}
],
"release_date": "2025-02-06T16:54:10.252000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-04-15T17:24:31+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:84e1ef5d6a8b2819886e931a3571b9d011fe78c1eeb833698fe2097c3a686470_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c415dd0b81e26dbcc2b8d03aff026e02c04d0145dd2fed95a4f48802d8aa422d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d1915eb9104878a80d8dabe2d94d08fb05ebb2fd8f98eeac5db583c6a8523654_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:f808b2e9c12c0380686af71f5a87b39f611be4a694523d65ca87479a8f105c96_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:3922"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:4ca2cc3742e64531273fc1b35511fffe352e65a5527ae041c7bf2075f5b29911_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:b26108c4cef97feb0ae24c1e8339d7bde1713970b784849ca1215b7715d9787c_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c5d07b8b521b72c1f894dd24c6828dd36d19390917f5bc2667eea4a7dac041fa_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:d5dbb543c850a8e1e3906b612726833716f456b62a4011b1f8dab9cd22c59c01_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3b92a8c34e3a06bdd1434cadbdb841ec1826a1500da693cfe7e8824142370e14_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:69d4c2058d655572e30311736a9c8d375a106d6bb5aacd79ef7446ab56709563_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:ce581d6ca8b4a780b9725c794cb20e86b944a346babffa2c06189d6b712335f2_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:eee7614663e691a38b9aeb9a3d24edaeab8c14aca913c4a4590f879e94c4f149_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:13dcb4d7d8a4cb0b9d558e5d109ada4edbdd4010d02b684706f5710a141fcc8f_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:30059f1449c3397fa40946efa91ab009be4d56dda97116e471f62495d94f9446_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:5bfcc66f0dcaa577496389ba4a9d768c8d7e2b23dab37e8a654b23e55b4196de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e7631c53bc0aeb4756aec062bc2af6b6dc10d866c527cda043cb29352e912315_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:84e1ef5d6a8b2819886e931a3571b9d011fe78c1eeb833698fe2097c3a686470_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c415dd0b81e26dbcc2b8d03aff026e02c04d0145dd2fed95a4f48802d8aa422d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d1915eb9104878a80d8dabe2d94d08fb05ebb2fd8f98eeac5db583c6a8523654_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:f808b2e9c12c0380686af71f5a87b39f611be4a694523d65ca87479a8f105c96_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0dbfe58c19fed17005e091d3f436c9929eabd9749befa3631848121ddabe011f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:a88a232308fc41065171f1bc00d2732c3f3f20316017fa9756335d4bef9e0a9d_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:bde8c5073241fad487f3f649913cf7de45c5d9752038060e5fa068b11509c521_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:f0a183a03e2a2159b7f4de429e64da43fe3ea8baa58aa5582177d8809f55d259_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:59b5667d37aa167350f70d8d4c353c00bb5948dc82aab6860a49989f85bdbf86_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:5dd12b1fd952bd8cb68a387a290a8d72ea7b148d37c2901df8f347193a0b7e42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:7e56a2232e872992d9445fd40347c92801d32b215c3ecb73ae9667ff6931108a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:7f3779207257346928fb1fc887eb53a7bcc1036068497c34081511274ab16693_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:15ca7df31562c1b3941f2d626566dd9e0fb7f6d6f250eb18ff4588c669b6fb34_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:43dd45558fabc8c174a15cfee660494dab76f324472c5a3ac58377c66b212b91_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:80de017468569ad56c876902347a5210259ea37768d68926fc26c247ed57c415_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:95ffba5e1be1911ebaa7e29b7af35a2fc1f6e42deaf09d28ce5af3663b9179af_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…