Vulnerability-Lookup

RHSA-2025:7753

Vulnerability from csaf_redhat - Published: 2025-05-15 17:09 - Updated: 2026-05-27 10:31

Summary

Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.15.2 security update

Severity

Important

Notes

Topic: Errata Advisory for Red Hat OpenShift GitOps 1.15.2 release

Details: Errata Advisory for Red Hat OpenShift GitOps 1.15.2 release Security Fix(es): * openshift-gitops-operator-container: Namespace Isolation Break [gitops-1.15](CVE-2024-13484) * openshift-gitops-argocd-container: Go JOSE's Parsing Vulnerable to Denial of Service [gitops-1.15](CVE-2025-27144) * openshift-gitops-argocd-rhel9-container: Go JOSE's Parsing Vulnerable to Denial of Service [gitops-1.15](CVE-2025-27144) * openshift-gitops-dex-container: Go JOSE's Parsing Vulnerable to Denial of Service [gitops-1.15](CVE-2025-27144) * openshift-gitops-operator-bundle-container: Go JOSE's Parsing Vulnerable to Denial of Service [gitops-1.15](CVE-2025-27144) * openshift-gitops-container: Potential denial of service in golang.org/x/crypto [gitops-1.15](CVE-2025-22869) * openshift-gitops-argo-rollouts-container: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS [gitops-1.15](CVE-2023-45288) * openshift-gitops-argocd-container: Memory Exhaustion in Expr Parser with Unrestricted Input [gitops-1.15](CVE-2025-29786) * openshift-gitops-argocd-rhel9-container: Memory Exhaustion in Expr Parser with Unrestricted Input [gitops-1.15](CVE-2025-29786) * openshift-gitops-argocd-container: jwt-go allows excessive memory allocation during header parsing [gitops-1.15](CVE-2025-30204) * openshift-gitops-argocd-rhel9-container: jwt-go allows excessive memory allocation during header parsing [gitops-1.15](CVE-2025-30204) * openshift-gitops-operator-bundle-container: jwt-go allows excessive memory allocation during header parsing [gitops-1.15](CVE-2025-30204) * openshift-gitops-argocd-container: Prototype Pollution in redoc [gitops-1.15](CVE-2024-57083) * openshift-gitops-argocd-rhel9-container: Prototype Pollution in redoc [gitops-1.15](CVE-2024-57083) * openshift-gitops-dex-container: Unexpected memory consumption during token parsing in golang.org/x/oauth2 [gitops-1.15](CVE-2025-22868) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2023-45288

A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 35 products

Product	Version	Remediation
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2024-13484

A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wide when the label is applied.

8.2 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE-668 - Exposure of Resource to Wrong Sphere

Affected products

Fixed 35 products

Product	Version	Remediation
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-57083

A flaw was found in redoc. This vulnerability can allow an attacker to cause a Denial of Service (DoS) via supplying a crafted payload.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected products

Fixed 35 products

Product	Version	Remediation
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x	—	Vendor Fix fix
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64	—	Vendor Fix fix

Threats

Impact Important

CVE-2025-22868

A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-1286 - Improper Validation of Syntactic Correctness of Input

Affected products

Fixed 35 products

Product	Version	Remediation
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2025-22869

A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 35 products

Product	Version	Remediation
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2025-27144

A flaw was found in GO-JOSE. In affected versions, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code uses strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. This issue could be exploied by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 35 products

Product	Version	Remediation
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2025-29786

A flaw was found in Expr. This vulnerability allows excessive memory usage and potential out-of-memory (OOM) crashes via unbounded input strings, where a malicious or inadvertent large expression can cause the parser to construct an extremely large Abstract Syntax Tree (AST), consuming excessive memory.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 35 products

Product	Version	Remediation
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2025-30204

A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-405 - Asymmetric Resource Consumption (Amplification)

Affected products

Fixed 35 products

Product	Version	Remediation
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64	—	Vendor Fix fix Workaround

Threats

Impact Important

References

59 references

URL	Category
https://access.redhat.com/errata/RHSA-2025:7753	self
https://access.redhat.com/security/updates/classi…	external
https://issues.redhat.com/browse/GITOPS-6150	external
https://issues.redhat.com/browse/GITOPS-6251	external
https://issues.redhat.com/browse/GITOPS-6287	external
https://issues.redhat.com/browse/GITOPS-6625	external
https://issues.redhat.com/browse/GITOPS-6664	external
https://issues.redhat.com/browse/GITOPS-6713	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2023-45288	self
https://bugzilla.redhat.com/show_bug.cgi?id=2268273	external
https://www.cve.org/CVERecord?id=CVE-2023-45288	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45288	external
https://nowotarski.info/http2-continuation-flood/	external
https://pkg.go.dev/vuln/GO-2024-2687	external
https://www.kb.cert.org/vuls/id/421644	external
https://access.redhat.com/security/cve/CVE-2024-13484	self
https://bugzilla.redhat.com/show_bug.cgi?id=2269376	external
https://www.cve.org/CVERecord?id=CVE-2024-13484	external
https://nvd.nist.gov/vuln/detail/CVE-2024-13484	external
https://access.redhat.com/security/cve/CVE-2024-57083	self
https://bugzilla.redhat.com/show_bug.cgi?id=2355865	external
https://www.cve.org/CVERecord?id=CVE-2024-57083	external
https://nvd.nist.gov/vuln/detail/CVE-2024-57083	external
https://github.com/Redocly/redoc/issues/2499	external
https://access.redhat.com/security/cve/CVE-2025-22868	self
https://bugzilla.redhat.com/show_bug.cgi?id=2348366	external
https://www.cve.org/CVERecord?id=CVE-2025-22868	external
https://nvd.nist.gov/vuln/detail/CVE-2025-22868	external
https://go.dev/cl/652155	external
https://go.dev/issue/71490	external
https://pkg.go.dev/vuln/GO-2025-3488	external
https://access.redhat.com/security/cve/CVE-2025-22869	self
https://bugzilla.redhat.com/show_bug.cgi?id=2348367	external
https://www.cve.org/CVERecord?id=CVE-2025-22869	external
https://nvd.nist.gov/vuln/detail/CVE-2025-22869	external
https://go.dev/cl/652135	external
https://go.dev/issue/71931	external
https://pkg.go.dev/vuln/GO-2025-3487	external
https://access.redhat.com/security/cve/CVE-2025-27144	self
https://bugzilla.redhat.com/show_bug.cgi?id=2347423	external
https://www.cve.org/CVERecord?id=CVE-2025-27144	external
https://nvd.nist.gov/vuln/detail/CVE-2025-27144	external
https://github.com/go-jose/go-jose/commit/99b346c…	external
https://github.com/go-jose/go-jose/releases/tag/v4.0.5	external
https://github.com/go-jose/go-jose/security/advis…	external
https://access.redhat.com/security/cve/CVE-2025-29786	self
https://bugzilla.redhat.com/show_bug.cgi?id=2352914	external
https://www.cve.org/CVERecord?id=CVE-2025-29786	external
https://nvd.nist.gov/vuln/detail/CVE-2025-29786	external
https://github.com/expr-lang/expr/pull/762	external
https://github.com/expr-lang/expr/security/adviso…	external
https://access.redhat.com/security/cve/CVE-2025-30204	self
https://bugzilla.redhat.com/show_bug.cgi?id=2354195	external
https://www.cve.org/CVERecord?id=CVE-2025-30204	external
https://nvd.nist.gov/vuln/detail/CVE-2025-30204	external
https://github.com/golang-jwt/jwt/commit/0951d184…	external
https://github.com/golang-jwt/jwt/security/adviso…	external
https://pkg.go.dev/vuln/GO-2025-3553	external

Acknowledgments

nowotarski.info Bartek Nowotarski

jub0bs

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Errata Advisory for Red Hat OpenShift GitOps 1.15.2 release",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Errata Advisory for Red Hat OpenShift GitOps 1.15.2 release\n\nSecurity Fix(es):\n\n* openshift-gitops-operator-container: Namespace Isolation Break [gitops-1.15](CVE-2024-13484)  \n* openshift-gitops-argocd-container: Go JOSE\u0027s Parsing Vulnerable to Denial of Service [gitops-1.15](CVE-2025-27144)  \n* openshift-gitops-argocd-rhel9-container: Go JOSE\u0027s Parsing Vulnerable to Denial of Service [gitops-1.15](CVE-2025-27144)  \n* openshift-gitops-dex-container: Go JOSE\u0027s Parsing Vulnerable to Denial of Service [gitops-1.15](CVE-2025-27144)  \n* openshift-gitops-operator-bundle-container: Go JOSE\u0027s Parsing Vulnerable to Denial of Service [gitops-1.15](CVE-2025-27144)  \n* openshift-gitops-container: Potential denial of service in golang.org/x/crypto [gitops-1.15](CVE-2025-22869)  \n* openshift-gitops-argo-rollouts-container: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS [gitops-1.15](CVE-2023-45288)  \n* openshift-gitops-argocd-container: Memory Exhaustion in Expr Parser with Unrestricted Input [gitops-1.15](CVE-2025-29786)  \n* openshift-gitops-argocd-rhel9-container: Memory Exhaustion in Expr Parser with Unrestricted Input [gitops-1.15](CVE-2025-29786)  \n* openshift-gitops-argocd-container: jwt-go allows excessive memory allocation during header parsing [gitops-1.15](CVE-2025-30204)  \n* openshift-gitops-argocd-rhel9-container: jwt-go allows excessive memory allocation during header parsing [gitops-1.15](CVE-2025-30204)  \n* openshift-gitops-operator-bundle-container: jwt-go allows excessive memory allocation during header parsing [gitops-1.15](CVE-2025-30204)  \n* openshift-gitops-argocd-container: Prototype Pollution in redoc [gitops-1.15](CVE-2024-57083)  \n* openshift-gitops-argocd-rhel9-container: Prototype Pollution in redoc [gitops-1.15](CVE-2024-57083)  \n* openshift-gitops-dex-container: Unexpected memory consumption during token parsing in golang.org/x/oauth2 [gitops-1.15](CVE-2025-22868)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s)\nlisted in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:7753",
        "url": "https://access.redhat.com/errata/RHSA-2025:7753"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "GITOPS-6150",
        "url": "https://issues.redhat.com/browse/GITOPS-6150"
      },
      {
        "category": "external",
        "summary": "GITOPS-6251",
        "url": "https://issues.redhat.com/browse/GITOPS-6251"
      },
      {
        "category": "external",
        "summary": "GITOPS-6287",
        "url": "https://issues.redhat.com/browse/GITOPS-6287"
      },
      {
        "category": "external",
        "summary": "GITOPS-6625",
        "url": "https://issues.redhat.com/browse/GITOPS-6625"
      },
      {
        "category": "external",
        "summary": "GITOPS-6664",
        "url": "https://issues.redhat.com/browse/GITOPS-6664"
      },
      {
        "category": "external",
        "summary": "GITOPS-6713",
        "url": "https://issues.redhat.com/browse/GITOPS-6713"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_7753.json"
      }
    ],
    "title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.15.2 security update",
    "tracking": {
      "current_release_date": "2026-05-27T10:31:05+00:00",
      "generator": {
        "date": "2026-05-27T10:31:05+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2025:7753",
      "initial_release_date": "2025-05-15T17:09:32+00:00",
      "revision_history": [
        {
          "date": "2025-05-15T17:09:32+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-05-15T17:09:32+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-27T10:31:05+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift GitOps 1.15",
                "product": {
                  "name": "Red Hat OpenShift GitOps 1.15",
                  "product_id": "8Base-GitOps-1.15",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_gitops:1.15::el8"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat OpenShift GitOps 1.15",
                "product": {
                  "name": "Red Hat OpenShift GitOps 1.15",
                  "product_id": "9Base-GitOps-1.15",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_gitops:1.15::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift GitOps"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
                "product": {
                  "name": "openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
                  "product_id": "openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
                "product": {
                  "name": "openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
                  "product_id": "openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
                "product": {
                  "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
                  "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
                "product": {
                  "name": "openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
                  "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
                "product": {
                  "name": "openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
                  "product_id": "openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
                "product": {
                  "name": "openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
                  "product_id": "openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
                "product": {
                  "name": "openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
                  "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
                "product": {
                  "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
                  "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.15.2-4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
                "product": {
                  "name": "openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
                  "product_id": "openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
                "product": {
                  "name": "openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
                  "product_id": "openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
                "product": {
                  "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
                  "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
                "product": {
                  "name": "openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
                  "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
                "product": {
                  "name": "openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
                  "product_id": "openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
                "product": {
                  "name": "openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
                  "product_id": "openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
                "product": {
                  "name": "openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
                  "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
                "product": {
                  "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
                  "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.15.2-4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
                "product": {
                  "name": "openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
                  "product_id": "openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
                "product": {
                  "name": "openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
                  "product_id": "openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
                "product": {
                  "name": "openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
                  "product_id": "openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel9\u0026tag=v1.15.2-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
                "product": {
                  "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
                  "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
                "product": {
                  "name": "openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
                  "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
                "product": {
                  "name": "openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
                  "product_id": "openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
                "product": {
                  "name": "openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
                  "product_id": "openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
                "product": {
                  "name": "openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
                  "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
                "product": {
                  "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
                  "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.15.2-4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
                "product": {
                  "name": "openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
                  "product_id": "openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
                "product": {
                  "name": "openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
                  "product_id": "openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-extensions-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64",
                "product": {
                  "name": "openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64",
                  "product_id": "openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel9\u0026tag=v1.15.2-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
                "product": {
                  "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
                  "product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
                "product": {
                  "name": "openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
                  "product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
                "product": {
                  "name": "openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
                  "product_id": "openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
                "product": {
                  "name": "openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
                  "product_id": "openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
                "product": {
                  "name": "openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
                  "product_id": "openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
                "product": {
                  "name": "openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
                  "product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.15.2-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
                "product": {
                  "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
                  "product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.15.2-4"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64"
        },
        "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64"
        },
        "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le"
        },
        "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x"
        },
        "product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64"
        },
        "product_reference": "openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x"
        },
        "product_reference": "openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64"
        },
        "product_reference": "openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le"
        },
        "product_reference": "openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64"
        },
        "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64"
        },
        "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le"
        },
        "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x"
        },
        "product_reference": "openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64"
        },
        "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le"
        },
        "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x"
        },
        "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64"
        },
        "product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le"
        },
        "product_reference": "openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x"
        },
        "product_reference": "openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64"
        },
        "product_reference": "openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64"
        },
        "product_reference": "openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64"
        },
        "product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64"
        },
        "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64"
        },
        "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le"
        },
        "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x"
        },
        "product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le"
        },
        "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x"
        },
        "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64"
        },
        "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64"
        },
        "product_reference": "openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64"
        },
        "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64"
        },
        "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x"
        },
        "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le"
        },
        "product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
        "relates_to_product_reference": "8Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64"
        },
        "product_reference": "openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
        "relates_to_product_reference": "9Base-GitOps-1.15"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64 as a component of Red Hat OpenShift GitOps 1.15",
          "product_id": "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
        },
        "product_reference": "openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64",
        "relates_to_product_reference": "9Base-GitOps-1.15"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Bartek Nowotarski"
          ],
          "organization": "nowotarski.info"
        }
      ],
      "cve": "CVE-2023-45288",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-03-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2268273"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or  significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-45288"
        },
        {
          "category": "external",
          "summary": "RHBZ#2268273",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
        },
        {
          "category": "external",
          "summary": "https://nowotarski.info/http2-continuation-flood/",
          "url": "https://nowotarski.info/http2-continuation-flood/"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-2687",
          "url": "https://pkg.go.dev/vuln/GO-2024-2687"
        },
        {
          "category": "external",
          "summary": "https://www.kb.cert.org/vuls/id/421644",
          "url": "https://www.kb.cert.org/vuls/id/421644"
        }
      ],
      "release_date": "2024-04-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-15T17:09:32+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:7753"
        },
        {
          "category": "workaround",
          "details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
    },
    {
      "cve": "CVE-2024-13484",
      "cwe": {
        "id": "CWE-668",
        "name": "Exposure of Resource to Wrong Sphere"
      },
      "discovery_date": "2024-03-13T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269376"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wide when the label is applied.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openshift-gitops-operator-container: Namespace Isolation Break",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit this flaw, a local attacker must be logged into the system with admin privileges, limiting the possibility of this issue to be exploited.\nFor this reason, this flaw has been rated with a Moderate severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-13484"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269376",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269376"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-13484",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-13484"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-13484",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13484"
        }
      ],
      "release_date": "2025-01-28T17:43:15.879000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-15T17:09:32+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:7753"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openshift-gitops-operator-container: Namespace Isolation Break"
    },
    {
      "cve": "CVE-2024-57083",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "discovery_date": "2025-03-28T21:01:02.993057+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2355865"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in redoc. This vulnerability can allow an attacker to cause a Denial of Service (DoS) via supplying a crafted payload.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "redoc: Prototype Pollution in redoc",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as an Important severity because it allows attackers to exploit a prototype pollution issue in the Module.mergeObjects method by crafting a malicious payload. An attacker can alter the built-in Object.prototype, causing a Denial of Service (DoS) condition, leading to system instability, impacting the availability of the affected system.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-57083"
        },
        {
          "category": "external",
          "summary": "RHBZ#2355865",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355865"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-57083",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-57083"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-57083",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57083"
        },
        {
          "category": "external",
          "summary": "https://github.com/Redocly/redoc/issues/2499",
          "url": "https://github.com/Redocly/redoc/issues/2499"
        }
      ],
      "release_date": "2025-03-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-15T17:09:32+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:7753"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "redoc: Prototype Pollution in redoc"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "jub0bs"
          ]
        }
      ],
      "cve": "CVE-2025-22868",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "discovery_date": "2025-02-26T04:00:44.350024+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2348366"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-22868"
        },
        {
          "category": "external",
          "summary": "RHBZ#2348366",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/652155",
          "url": "https://go.dev/cl/652155"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/71490",
          "url": "https://go.dev/issue/71490"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2025-3488",
          "url": "https://pkg.go.dev/vuln/GO-2025-3488"
        }
      ],
      "release_date": "2025-02-26T03:07:49.012000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-15T17:09:32+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:7753"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
    },
    {
      "cve": "CVE-2025-22869",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2025-02-26T04:00:47.683125+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2348367"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-22869"
        },
        {
          "category": "external",
          "summary": "RHBZ#2348367",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/652135",
          "url": "https://go.dev/cl/652135"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/71931",
          "url": "https://go.dev/issue/71931"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2025-3487",
          "url": "https://pkg.go.dev/vuln/GO-2025-3487"
        }
      ],
      "release_date": "2025-02-26T03:07:48.855000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-15T17:09:32+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:7753"
        },
        {
          "category": "workaround",
          "details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
    },
    {
      "cve": "CVE-2025-27144",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2025-02-24T23:00:42.448432+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2347423"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in GO-JOSE. In affected versions, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code uses strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. This issue could be exploied by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "go-jose: Go JOSE\u0027s Parsing Vulnerable to Denial of Service",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-27144"
        },
        {
          "category": "external",
          "summary": "RHBZ#2347423",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347423"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-27144",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-27144",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27144"
        },
        {
          "category": "external",
          "summary": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22",
          "url": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22"
        },
        {
          "category": "external",
          "summary": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5",
          "url": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5"
        },
        {
          "category": "external",
          "summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78",
          "url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78"
        }
      ],
      "release_date": "2025-02-24T22:22:22.863000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-15T17:09:32+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:7753"
        },
        {
          "category": "workaround",
          "details": "As a workaround, applications can pre-validate that payloads being passed to Go JOSE do not contain an excessive number of `.` characters.",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "go-jose: Go JOSE\u0027s Parsing Vulnerable to Denial of Service"
    },
    {
      "cve": "CVE-2025-29786",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2025-03-17T14:00:59.078419+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2352914"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Expr. This vulnerability allows excessive memory usage and potential out-of-memory (OOM) crashes via unbounded input strings, where a malicious or inadvertent large expression can cause the parser to construct an extremely large Abstract Syntax Tree (AST), consuming excessive memory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-29786"
        },
        {
          "category": "external",
          "summary": "RHBZ#2352914",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2352914"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-29786",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-29786",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29786"
        },
        {
          "category": "external",
          "summary": "https://github.com/expr-lang/expr/pull/762",
          "url": "https://github.com/expr-lang/expr/pull/762"
        },
        {
          "category": "external",
          "summary": "https://github.com/expr-lang/expr/security/advisories/GHSA-93mq-9ffx-83m2",
          "url": "https://github.com/expr-lang/expr/security/advisories/GHSA-93mq-9ffx-83m2"
        }
      ],
      "release_date": "2025-03-17T13:15:32.836000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-15T17:09:32+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:7753"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerability, it is recommended to impose an input size restriction before parsing (i.e. validating or limiting the length of expression strings that the application will accept). Ensuring no unbounded-length expressions are fed into the parser will prevent the parser from constructing a very large AST and avoid the potential memory exhaustion issue.",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input"
    },
    {
      "cve": "CVE-2025-30204",
      "cwe": {
        "id": "CWE-405",
        "name": "Asymmetric Resource Consumption (Amplification)"
      },
      "discovery_date": "2025-03-21T22:00:43.818367+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2354195"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
          "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
          "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-30204"
        },
        {
          "category": "external",
          "summary": "RHBZ#2354195",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-30204",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204"
        },
        {
          "category": "external",
          "summary": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3",
          "url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3"
        },
        {
          "category": "external",
          "summary": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp",
          "url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2025-3553",
          "url": "https://pkg.go.dev/vuln/GO-2025-3553"
        }
      ],
      "release_date": "2025-03-21T21:42:01.382000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-15T17:09:32+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:7753"
        },
        {
          "category": "workaround",
          "details": "Red Hat Product Security does not have a recommended mitigation at this time.",
          "product_ids": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:1c3014b6fed55efec858979b8e716025b3c930ce73ce03376d6b344cc799f408_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:c0b31a9043e01767c4305bf53852e4e956a75bbf0d338e9bdd84693d854aadb1_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:cffc1a5602bc8275c83aff3a8397dc812b925494deb8105bad675e1eebc1ce4f_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argo-rollouts-rhel8@sha256:f1551e8646b6f845566aa3786194b2cb3392240617ec33a8598e1361a2f7cf6e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:2959776572015171fe9e674bef16cd27207ad0dd9778597f61c92bd0b68419cb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:6751efa0700ce5aca7e998b507f2694d36671c800bd3df39c1793fdb79295b01_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:7de02503f35ffa0385273117b00104f7cd13cf62e90236a539b00d0a26914fe5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-extensions-rhel8@sha256:9628abc742fa7d3e4e7f76c42f86f729a12064b31c6fdcd4d56fd12de42c312d_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:2b613ea76cf38f82b81c0f94bc1310f8221ebfae30e11bb3eb9a9322f7de781c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:9b2b128beada3283376cb1e0daa09f3074e865cd13feff7e5cf4be22b80b73eb_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:adff90e820d35b5f6edb54e8a3e66a1944b3df7949b82b52757542990532a927_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/argocd-rhel8@sha256:c828786304a861504124f4adcef108a8ec2fbb1ffe39c6f40cbcd45421d9da63_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:23d6aff07ace832a252e24f8c4f50fa7bb8071195266ca2ee1ecb85d2c8cd040_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:7cf81305f51be21dd5044cf2b5e252c3504a5593b25c79efd14ac4c07b845e0e_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:b7729386eafdea2376dd9b95e2f30904f0a737108fa01643425a26817b2d49e3_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/console-plugin-rhel8@sha256:bd66924e532f909e4efe16a7d02556ce50d3aeb399a1c576365c58e28b217156_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:3763f158afee4709f908f9069cafc53e6e19932a89206e1b1c161b83978c8bf3_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:4f556b4a5eb754b8310db23d78984612ce6fb1537a96cf5bba1ca4d9db24c458_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:5322e7c5c3e6648cbc31aef26c793fe446de59f926c9e420e7bbe69be5b7628c_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/dex-rhel8@sha256:575fe0d90e61cd644293c9775b0b6670b159bf0e004b1514f65473a353ed157e_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-operator-bundle@sha256:9233f5165c36e049c07f6c86bc4a330e8cd5c92fdb9e26364f83156e5079a573_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:1ec8b3afca8969bb43413de847e9e42e863a00e618b2d75585a297f605d4c2cd_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:b5bad8e3002354e708978aa81d8fb12ce244336677dd4b43d05a2e3d28ee21fe_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:c11750919f393a494bd39f5430dd64502fda211e1e58b82b12b25c0aefb01b10_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8-operator@sha256:f44ea91f40a80ea0ceb8ce162344632fa4ac83a25e40e3e268a04960dd4cef8e_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:02615dcef407b4c180d2136fd2d0179b75a938663530173c3155fc137158b9ef_ppc64le",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:2fdc37ff27fe77bcf1b49b5067cc29250ec8e1073a1e3d747c46471a12a23bd2_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bab70614afc93dde060a53ae72f677c979851881160f434a7b3a82c208122222_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/gitops-rhel8@sha256:bfd4fc073330dff519a73394fd300f304dce3b7d4de1cc741324af08085819e6_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:a19ac137261209f8d9a0648179637ea7c2a4e0e605c6f1370de6f74deea62676_arm64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:dc62f735af6b8d61fc86b6e0a1aaf1c8d46ad1349b19ffd50ba64ab1e246f6d5_amd64",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:de26fafceadb28190c55206479cdfd6da1e8e1ec0c3cb2fcc6d541f18ff50b3c_s390x",
            "8Base-GitOps-1.15:openshift-gitops-1/must-gather-rhel8@sha256:e4a514fc6e6379c90a824eb1deb84e4d01754edd083b336a19c19e54697976bd_ppc64le",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4a9615e7da01f317497ae55955a0c43ea0c542a99a6ef836d836ec1d3326b09a_arm64",
            "9Base-GitOps-1.15:openshift-gitops-1/argocd-rhel9@sha256:4e37e27e6376e2568be24fcdf924d7fcaf59e67d00c84b3d0c5d03eebaee0a16_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing"
    }
  ]
}

CVE-2023-45288 (GCVE-0-2023-45288)

Vulnerability from cvelistv5 – Published: 2024-04-04 20:37 – Updated: 2025-11-04 18:17

Title

HTTP/2 CONTINUATION flood in net/http

Summary

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

References

8 references

URL	Tags
https://go.dev/issue/65051
https://go.dev/cl/576155
https://groups.google.com/g/golang-announce/c/YgW…
https://pkg.go.dev/vuln/GO-2024-2687
https://security.netapp.com/advisory/ntap-2024041…
https://lists.fedoraproject.org/archives/list/pac…
http://www.openwall.com/lists/oss-security/2024/04/05/4
http://www.openwall.com/lists/oss-security/2024/0…

Impacted products

2 products

Vendor	Product	Version
Go standard library	net/http	Affected: 0 , < 1.21.9 (semver) Affected: 1.22.0-0 , < 1.22.2 (semver)
golang.org/x/net	golang.org/x/net/http2	Affected: 0 , < 0.23.0 (semver)

Credits

Bartek Nowotarski (https://nowotarski.info/)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T18:17:43.583Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/issue/65051"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/cl/576155"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://pkg.go.dev/vuln/GO-2024-2687"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240419-0009/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/05/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/03/16"
          },
          {
            "url": "https://www.kb.cert.org/vuls/id/421644"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:go_standard_library:net\\/http:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "net\\/http",
            "vendor": "go_standard_library",
            "versions": [
              {
                "lessThan": "1.21.9",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "1.22.2",
                "status": "affected",
                "version": "1.22.0-0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:golang:http2:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "http2",
            "vendor": "golang",
            "versions": [
              {
                "lessThan": "0.23.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-45288",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-05T17:08:42.212936Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-26T20:40:01.996Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "net/http",
          "product": "net/http",
          "programRoutines": [
            {
              "name": "http2Framer.readMetaFrame"
            },
            {
              "name": "CanonicalHeaderKey"
            },
            {
              "name": "Client.CloseIdleConnections"
            },
            {
              "name": "Client.Do"
            },
            {
              "name": "Client.Get"
            },
            {
              "name": "Client.Head"
            },
            {
              "name": "Client.Post"
            },
            {
              "name": "Client.PostForm"
            },
            {
              "name": "Cookie.String"
            },
            {
              "name": "Cookie.Valid"
            },
            {
              "name": "Dir.Open"
            },
            {
              "name": "Error"
            },
            {
              "name": "Get"
            },
            {
              "name": "HandlerFunc.ServeHTTP"
            },
            {
              "name": "Head"
            },
            {
              "name": "Header.Add"
            },
            {
              "name": "Header.Del"
            },
            {
              "name": "Header.Get"
            },
            {
              "name": "Header.Set"
            },
            {
              "name": "Header.Values"
            },
            {
              "name": "Header.Write"
            },
            {
              "name": "Header.WriteSubset"
            },
            {
              "name": "ListenAndServe"
            },
            {
              "name": "ListenAndServeTLS"
            },
            {
              "name": "NewRequest"
            },
            {
              "name": "NewRequestWithContext"
            },
            {
              "name": "NotFound"
            },
            {
              "name": "ParseTime"
            },
            {
              "name": "Post"
            },
            {
              "name": "PostForm"
            },
            {
              "name": "ProxyFromEnvironment"
            },
            {
              "name": "ReadRequest"
            },
            {
              "name": "ReadResponse"
            },
            {
              "name": "Redirect"
            },
            {
              "name": "Request.AddCookie"
            },
            {
              "name": "Request.BasicAuth"
            },
            {
              "name": "Request.FormFile"
            },
            {
              "name": "Request.FormValue"
            },
            {
              "name": "Request.MultipartReader"
            },
            {
              "name": "Request.ParseForm"
            },
            {
              "name": "Request.ParseMultipartForm"
            },
            {
              "name": "Request.PostFormValue"
            },
            {
              "name": "Request.Referer"
            },
            {
              "name": "Request.SetBasicAuth"
            },
            {
              "name": "Request.UserAgent"
            },
            {
              "name": "Request.Write"
            },
            {
              "name": "Request.WriteProxy"
            },
            {
              "name": "Response.Cookies"
            },
            {
              "name": "Response.Location"
            },
            {
              "name": "Response.Write"
            },
            {
              "name": "ResponseController.EnableFullDuplex"
            },
            {
              "name": "ResponseController.Flush"
            },
            {
              "name": "ResponseController.Hijack"
            },
            {
              "name": "ResponseController.SetReadDeadline"
            },
            {
              "name": "ResponseController.SetWriteDeadline"
            },
            {
              "name": "Serve"
            },
            {
              "name": "ServeContent"
            },
            {
              "name": "ServeFile"
            },
            {
              "name": "ServeMux.ServeHTTP"
            },
            {
              "name": "ServeTLS"
            },
            {
              "name": "Server.Close"
            },
            {
              "name": "Server.ListenAndServe"
            },
            {
              "name": "Server.ListenAndServeTLS"
            },
            {
              "name": "Server.Serve"
            },
            {
              "name": "Server.ServeTLS"
            },
            {
              "name": "Server.SetKeepAlivesEnabled"
            },
            {
              "name": "Server.Shutdown"
            },
            {
              "name": "SetCookie"
            },
            {
              "name": "Transport.CancelRequest"
            },
            {
              "name": "Transport.Clone"
            },
            {
              "name": "Transport.CloseIdleConnections"
            },
            {
              "name": "Transport.RoundTrip"
            },
            {
              "name": "body.Close"
            },
            {
              "name": "body.Read"
            },
            {
              "name": "bodyEOFSignal.Close"
            },
            {
              "name": "bodyEOFSignal.Read"
            },
            {
              "name": "bodyLocked.Read"
            },
            {
              "name": "bufioFlushWriter.Write"
            },
            {
              "name": "cancelTimerBody.Close"
            },
            {
              "name": "cancelTimerBody.Read"
            },
            {
              "name": "checkConnErrorWriter.Write"
            },
            {
              "name": "chunkWriter.Write"
            },
            {
              "name": "connReader.Read"
            },
            {
              "name": "connectMethodKey.String"
            },
            {
              "name": "expectContinueReader.Close"
            },
            {
              "name": "expectContinueReader.Read"
            },
            {
              "name": "extraHeader.Write"
            },
            {
              "name": "fileHandler.ServeHTTP"
            },
            {
              "name": "fileTransport.RoundTrip"
            },
            {
              "name": "globalOptionsHandler.ServeHTTP"
            },
            {
              "name": "gzipReader.Close"
            },
            {
              "name": "gzipReader.Read"
            },
            {
              "name": "http2ClientConn.Close"
            },
            {
              "name": "http2ClientConn.Ping"
            },
            {
              "name": "http2ClientConn.RoundTrip"
            },
            {
              "name": "http2ClientConn.Shutdown"
            },
            {
              "name": "http2ConnectionError.Error"
            },
            {
              "name": "http2ErrCode.String"
            },
            {
              "name": "http2FrameHeader.String"
            },
            {
              "name": "http2FrameType.String"
            },
            {
              "name": "http2FrameWriteRequest.String"
            },
            {
              "name": "http2Framer.ReadFrame"
            },
            {
              "name": "http2Framer.WriteContinuation"
            },
            {
              "name": "http2Framer.WriteData"
            },
            {
              "name": "http2Framer.WriteDataPadded"
            },
            {
              "name": "http2Framer.WriteGoAway"
            },
            {
              "name": "http2Framer.WriteHeaders"
            },
            {
              "name": "http2Framer.WritePing"
            },
            {
              "name": "http2Framer.WritePriority"
            },
            {
              "name": "http2Framer.WritePushPromise"
            },
            {
              "name": "http2Framer.WriteRSTStream"
            },
            {
              "name": "http2Framer.WriteRawFrame"
            },
            {
              "name": "http2Framer.WriteSettings"
            },
            {
              "name": "http2Framer.WriteSettingsAck"
            },
            {
              "name": "http2Framer.WriteWindowUpdate"
            },
            {
              "name": "http2GoAwayError.Error"
            },
            {
              "name": "http2Server.ServeConn"
            },
            {
              "name": "http2Setting.String"
            },
            {
              "name": "http2SettingID.String"
            },
            {
              "name": "http2SettingsFrame.ForeachSetting"
            },
            {
              "name": "http2StreamError.Error"
            },
            {
              "name": "http2Transport.CloseIdleConnections"
            },
            {
              "name": "http2Transport.NewClientConn"
            },
            {
              "name": "http2Transport.RoundTrip"
            },
            {
              "name": "http2Transport.RoundTripOpt"
            },
            {
              "name": "http2bufferedWriter.Flush"
            },
            {
              "name": "http2bufferedWriter.Write"
            },
            {
              "name": "http2chunkWriter.Write"
            },
            {
              "name": "http2clientConnPool.GetClientConn"
            },
            {
              "name": "http2connError.Error"
            },
            {
              "name": "http2dataBuffer.Read"
            },
            {
              "name": "http2duplicatePseudoHeaderError.Error"
            },
            {
              "name": "http2gzipReader.Close"
            },
            {
              "name": "http2gzipReader.Read"
            },
            {
              "name": "http2headerFieldNameError.Error"
            },
            {
              "name": "http2headerFieldValueError.Error"
            },
            {
              "name": "http2noDialClientConnPool.GetClientConn"
            },
            {
              "name": "http2noDialH2RoundTripper.RoundTrip"
            },
            {
              "name": "http2pipe.Read"
            },
            {
              "name": "http2priorityWriteScheduler.CloseStream"
            },
            {
              "name": "http2priorityWriteScheduler.OpenStream"
            },
            {
              "name": "http2pseudoHeaderError.Error"
            },
            {
              "name": "http2requestBody.Close"
            },
            {
              "name": "http2requestBody.Read"
            },
            {
              "name": "http2responseWriter.Flush"
            },
            {
              "name": "http2responseWriter.FlushError"
            },
            {
              "name": "http2responseWriter.Push"
            },
            {
              "name": "http2responseWriter.SetReadDeadline"
            },
            {
              "name": "http2responseWriter.SetWriteDeadline"
            },
            {
              "name": "http2responseWriter.Write"
            },
            {
              "name": "http2responseWriter.WriteHeader"
            },
            {
              "name": "http2responseWriter.WriteString"
            },
            {
              "name": "http2roundRobinWriteScheduler.OpenStream"
            },
            {
              "name": "http2serverConn.CloseConn"
            },
            {
              "name": "http2serverConn.Flush"
            },
            {
              "name": "http2stickyErrWriter.Write"
            },
            {
              "name": "http2transportResponseBody.Close"
            },
            {
              "name": "http2transportResponseBody.Read"
            },
            {
              "name": "http2writeData.String"
            },
            {
              "name": "initALPNRequest.ServeHTTP"
            },
            {
              "name": "loggingConn.Close"
            },
            {
              "name": "loggingConn.Read"
            },
            {
              "name": "loggingConn.Write"
            },
            {
              "name": "maxBytesReader.Close"
            },
            {
              "name": "maxBytesReader.Read"
            },
            {
              "name": "onceCloseListener.Close"
            },
            {
              "name": "persistConn.Read"
            },
            {
              "name": "persistConnWriter.ReadFrom"
            },
            {
              "name": "persistConnWriter.Write"
            },
            {
              "name": "populateResponse.Write"
            },
            {
              "name": "populateResponse.WriteHeader"
            },
            {
              "name": "readTrackingBody.Close"
            },
            {
              "name": "readTrackingBody.Read"
            },
            {
              "name": "readWriteCloserBody.Read"
            },
            {
              "name": "redirectHandler.ServeHTTP"
            },
            {
              "name": "response.Flush"
            },
            {
              "name": "response.FlushError"
            },
            {
              "name": "response.Hijack"
            },
            {
              "name": "response.ReadFrom"
            },
            {
              "name": "response.Write"
            },
            {
              "name": "response.WriteHeader"
            },
            {
              "name": "response.WriteString"
            },
            {
              "name": "serverHandler.ServeHTTP"
            },
            {
              "name": "socksDialer.DialWithConn"
            },
            {
              "name": "socksUsernamePassword.Authenticate"
            },
            {
              "name": "stringWriter.WriteString"
            },
            {
              "name": "timeoutHandler.ServeHTTP"
            },
            {
              "name": "timeoutWriter.Write"
            },
            {
              "name": "timeoutWriter.WriteHeader"
            },
            {
              "name": "transportReadFromServerError.Error"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.21.9",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.22.2",
              "status": "affected",
              "version": "1.22.0-0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "golang.org/x/net/http2",
          "product": "golang.org/x/net/http2",
          "programRoutines": [
            {
              "name": "Framer.readMetaFrame"
            },
            {
              "name": "ClientConn.Close"
            },
            {
              "name": "ClientConn.Ping"
            },
            {
              "name": "ClientConn.RoundTrip"
            },
            {
              "name": "ClientConn.Shutdown"
            },
            {
              "name": "ConfigureServer"
            },
            {
              "name": "ConfigureTransport"
            },
            {
              "name": "ConfigureTransports"
            },
            {
              "name": "ConnectionError.Error"
            },
            {
              "name": "ErrCode.String"
            },
            {
              "name": "FrameHeader.String"
            },
            {
              "name": "FrameType.String"
            },
            {
              "name": "FrameWriteRequest.String"
            },
            {
              "name": "Framer.ReadFrame"
            },
            {
              "name": "Framer.WriteContinuation"
            },
            {
              "name": "Framer.WriteData"
            },
            {
              "name": "Framer.WriteDataPadded"
            },
            {
              "name": "Framer.WriteGoAway"
            },
            {
              "name": "Framer.WriteHeaders"
            },
            {
              "name": "Framer.WritePing"
            },
            {
              "name": "Framer.WritePriority"
            },
            {
              "name": "Framer.WritePushPromise"
            },
            {
              "name": "Framer.WriteRSTStream"
            },
            {
              "name": "Framer.WriteRawFrame"
            },
            {
              "name": "Framer.WriteSettings"
            },
            {
              "name": "Framer.WriteSettingsAck"
            },
            {
              "name": "Framer.WriteWindowUpdate"
            },
            {
              "name": "GoAwayError.Error"
            },
            {
              "name": "ReadFrameHeader"
            },
            {
              "name": "Server.ServeConn"
            },
            {
              "name": "Setting.String"
            },
            {
              "name": "SettingID.String"
            },
            {
              "name": "SettingsFrame.ForeachSetting"
            },
            {
              "name": "StreamError.Error"
            },
            {
              "name": "Transport.CloseIdleConnections"
            },
            {
              "name": "Transport.NewClientConn"
            },
            {
              "name": "Transport.RoundTrip"
            },
            {
              "name": "Transport.RoundTripOpt"
            },
            {
              "name": "bufferedWriter.Flush"
            },
            {
              "name": "bufferedWriter.Write"
            },
            {
              "name": "chunkWriter.Write"
            },
            {
              "name": "clientConnPool.GetClientConn"
            },
            {
              "name": "connError.Error"
            },
            {
              "name": "dataBuffer.Read"
            },
            {
              "name": "duplicatePseudoHeaderError.Error"
            },
            {
              "name": "gzipReader.Close"
            },
            {
              "name": "gzipReader.Read"
            },
            {
              "name": "headerFieldNameError.Error"
            },
            {
              "name": "headerFieldValueError.Error"
            },
            {
              "name": "noDialClientConnPool.GetClientConn"
            },
            {
              "name": "noDialH2RoundTripper.RoundTrip"
            },
            {
              "name": "pipe.Read"
            },
            {
              "name": "priorityWriteScheduler.CloseStream"
            },
            {
              "name": "priorityWriteScheduler.OpenStream"
            },
            {
              "name": "pseudoHeaderError.Error"
            },
            {
              "name": "requestBody.Close"
            },
            {
              "name": "requestBody.Read"
            },
            {
              "name": "responseWriter.Flush"
            },
            {
              "name": "responseWriter.FlushError"
            },
            {
              "name": "responseWriter.Push"
            },
            {
              "name": "responseWriter.SetReadDeadline"
            },
            {
              "name": "responseWriter.SetWriteDeadline"
            },
            {
              "name": "responseWriter.Write"
            },
            {
              "name": "responseWriter.WriteHeader"
            },
            {
              "name": "responseWriter.WriteString"
            },
            {
              "name": "roundRobinWriteScheduler.OpenStream"
            },
            {
              "name": "serverConn.CloseConn"
            },
            {
              "name": "serverConn.Flush"
            },
            {
              "name": "stickyErrWriter.Write"
            },
            {
              "name": "transportResponseBody.Close"
            },
            {
              "name": "transportResponseBody.Read"
            },
            {
              "name": "writeData.String"
            }
          ],
          "vendor": "golang.org/x/net",
          "versions": [
            {
              "lessThan": "0.23.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Bartek Nowotarski (https://nowotarski.info/)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-01T17:10:07.754Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/issue/65051"
        },
        {
          "url": "https://go.dev/cl/576155"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2024-2687"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240419-0009/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/04/05/4"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/04/03/16"
        }
      ],
      "title": "HTTP/2 CONTINUATION flood in net/http"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2023-45288",
    "datePublished": "2024-04-04T20:37:30.714Z",
    "dateReserved": "2023-10-06T17:06:26.221Z",
    "dateUpdated": "2025-11-04T18:17:43.583Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-13484 (GCVE-0-2024-13484)

Vulnerability from cvelistv5 – Published: 2025-01-28 17:54 – Updated: 2026-02-25 18:24

Title

Openshift-gitops-operator-container: namespace isolation break

Summary

Severity

8.2 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-668 - Exposure of Resource to Wrong Sphere

Assigner

redhat

References

5 references

URL	Tags
https://access.redhat.com/errata/RHSA-2025:7753	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8274	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9506	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-13484	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2269376	issue-trackingx_refsource_REDHAT

Impacted products

22 products

Vendor	Product	Version
		Affected: 0 , < 1.13 (semver)
Red Hat	Red Hat OpenShift GitOps 1.14	Unaffected: v1.14.4-1 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.14::el8 cpe:/a:redhat:openshift_gitops:1.14::el9
Red Hat	Red Hat OpenShift GitOps 1.14	Unaffected: v1.14.4-1 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.14::el8 cpe:/a:redhat:openshift_gitops:1.14::el9
Red Hat	Red Hat OpenShift GitOps 1.14	Unaffected: v1.14.4-1 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.14::el8 cpe:/a:redhat:openshift_gitops:1.14::el9
Red Hat	Red Hat OpenShift GitOps 1.14	Unaffected: v1.14.4-1 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.14::el8 cpe:/a:redhat:openshift_gitops:1.14::el9
Red Hat	Red Hat OpenShift GitOps 1.14	Unaffected: v1.14.4-1 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.14::el8 cpe:/a:redhat:openshift_gitops:1.14::el9
Red Hat	Red Hat OpenShift GitOps 1.14	Unaffected: v1.14.4-1 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.14::el8 cpe:/a:redhat:openshift_gitops:1.14::el9
Red Hat	Red Hat OpenShift GitOps 1.14	Unaffected: v1.14.4-1 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.14::el8 cpe:/a:redhat:openshift_gitops:1.14::el9
Red Hat	Red Hat OpenShift GitOps 1.14	Unaffected: v1.14.4-1 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.14::el8 cpe:/a:redhat:openshift_gitops:1.14::el9
Red Hat	Red Hat OpenShift GitOps 1.14	Unaffected: v1.14.4-1 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.14::el8 cpe:/a:redhat:openshift_gitops:1.14::el9
Red Hat	Red Hat OpenShift GitOps 1.14	Unaffected: v1.14.4-1 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.14::el8 cpe:/a:redhat:openshift_gitops:1.14::el9
Red Hat	Red Hat OpenShift GitOps 1.15	Unaffected: v1.15.2-4 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.15::el9 cpe:/a:redhat:openshift_gitops:1.15::el8
Red Hat	Red Hat OpenShift GitOps 1.15	Unaffected: v1.15.2-4 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.15::el9 cpe:/a:redhat:openshift_gitops:1.15::el8
Red Hat	Red Hat OpenShift GitOps 1.15	Unaffected: v1.15.2-1 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.15::el9 cpe:/a:redhat:openshift_gitops:1.15::el8
Red Hat	Red Hat OpenShift GitOps 1.15	Unaffected: v1.15.2-4 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.15::el9 cpe:/a:redhat:openshift_gitops:1.15::el8
Red Hat	Red Hat OpenShift GitOps 1.15	Unaffected: v1.15.2-4 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.15::el9 cpe:/a:redhat:openshift_gitops:1.15::el8
Red Hat	Red Hat OpenShift GitOps 1.15	Unaffected: v1.15.2-4 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.15::el9 cpe:/a:redhat:openshift_gitops:1.15::el8
Red Hat	Red Hat OpenShift GitOps 1.15	Unaffected: v1.15.2-4 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.15::el9 cpe:/a:redhat:openshift_gitops:1.15::el8
Red Hat	Red Hat OpenShift GitOps 1.15	Unaffected: v1.15.2-4 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.15::el9 cpe:/a:redhat:openshift_gitops:1.15::el8
Red Hat	Red Hat OpenShift GitOps 1.15	Unaffected: v1.15.2-4 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.15::el9 cpe:/a:redhat:openshift_gitops:1.15::el8
Red Hat	Red Hat OpenShift GitOps 1.15	Unaffected: v1.15.2-4 , < * (rpm) cpe:/a:redhat:openshift_gitops:1.15::el9 cpe:/a:redhat:openshift_gitops:1.15::el8
Red Hat	Red Hat OpenShift GitOps 1.16	Unaffected: sha256:4c56abf35c11af85501a8c4a2ec30b1f1efd28eee8af6d62e417846a40cde72e , < * (rpm) cpe:/a:redhat:openshift_gitops:1.16::el8

Date Public

2025-01-28 17:43

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-13484",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-28T18:25:37.752075Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T16:02:49.183Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/redhat-developer/gitops-operator",
          "defaultStatus": "unaffected",
          "packageName": "gitops-operator",
          "versions": [
            {
              "lessThan": "1.13",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.14::el8",
            "cpe:/a:redhat:openshift_gitops:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/argocd-rhel8",
          "product": "Red Hat OpenShift GitOps 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.14.4-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.14::el8",
            "cpe:/a:redhat:openshift_gitops:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/argocd-rhel9",
          "product": "Red Hat OpenShift GitOps 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.14.4-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.14::el8",
            "cpe:/a:redhat:openshift_gitops:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/argo-rollouts-rhel8",
          "product": "Red Hat OpenShift GitOps 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.14.4-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.14::el8",
            "cpe:/a:redhat:openshift_gitops:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/console-plugin-rhel8",
          "product": "Red Hat OpenShift GitOps 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.14.4-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.14::el8",
            "cpe:/a:redhat:openshift_gitops:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/dex-rhel8",
          "product": "Red Hat OpenShift GitOps 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.14.4-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.14::el8",
            "cpe:/a:redhat:openshift_gitops:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/gitops-operator-bundle",
          "product": "Red Hat OpenShift GitOps 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.14.4-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.14::el8",
            "cpe:/a:redhat:openshift_gitops:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/gitops-rhel8",
          "product": "Red Hat OpenShift GitOps 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.14.4-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.14::el8",
            "cpe:/a:redhat:openshift_gitops:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/gitops-rhel8-operator",
          "product": "Red Hat OpenShift GitOps 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.14.4-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.14::el8",
            "cpe:/a:redhat:openshift_gitops:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/kam-delivery-rhel8",
          "product": "Red Hat OpenShift GitOps 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.14.4-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.14::el8",
            "cpe:/a:redhat:openshift_gitops:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/must-gather-rhel8",
          "product": "Red Hat OpenShift GitOps 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.14.4-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.15::el9",
            "cpe:/a:redhat:openshift_gitops:1.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/argocd-extensions-rhel8",
          "product": "Red Hat OpenShift GitOps 1.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.15.2-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.15::el9",
            "cpe:/a:redhat:openshift_gitops:1.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/argocd-rhel8",
          "product": "Red Hat OpenShift GitOps 1.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.15.2-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.15::el9",
            "cpe:/a:redhat:openshift_gitops:1.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/argocd-rhel9",
          "product": "Red Hat OpenShift GitOps 1.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.15.2-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.15::el9",
            "cpe:/a:redhat:openshift_gitops:1.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/argo-rollouts-rhel8",
          "product": "Red Hat OpenShift GitOps 1.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.15.2-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.15::el9",
            "cpe:/a:redhat:openshift_gitops:1.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/console-plugin-rhel8",
          "product": "Red Hat OpenShift GitOps 1.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.15.2-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.15::el9",
            "cpe:/a:redhat:openshift_gitops:1.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/dex-rhel8",
          "product": "Red Hat OpenShift GitOps 1.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.15.2-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.15::el9",
            "cpe:/a:redhat:openshift_gitops:1.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/gitops-operator-bundle",
          "product": "Red Hat OpenShift GitOps 1.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.15.2-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.15::el9",
            "cpe:/a:redhat:openshift_gitops:1.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/gitops-rhel8",
          "product": "Red Hat OpenShift GitOps 1.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.15.2-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.15::el9",
            "cpe:/a:redhat:openshift_gitops:1.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/gitops-rhel8-operator",
          "product": "Red Hat OpenShift GitOps 1.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.15.2-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.15::el9",
            "cpe:/a:redhat:openshift_gitops:1.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/must-gather-rhel8",
          "product": "Red Hat OpenShift GitOps 1.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.15.2-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1.16::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/gitops-rhel8-operator",
          "product": "Red Hat OpenShift GitOps 1.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:4c56abf35c11af85501a8c4a2ec30b1f1efd28eee8af6d62e417846a40cde72e",
              "versionType": "rpm"
            }
          ]
        }
      ],
      "datePublic": "2025-01-28T17:43:15.879Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in openshift-gitops-operator-container. The openshift.io/cluster-monitoring label is applied to all namespaces that deploy an ArgoCD CR instance, allowing the namespace to create a rogue PrometheusRule. This issue can have adverse effects on the platform monitoring stack, as the rule is rolled out cluster-wide when the label is applied."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-668",
              "description": "Exposure of Resource to Wrong Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-25T18:24:30.362Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:7753",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7753"
        },
        {
          "name": "RHSA-2025:8274",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8274"
        },
        {
          "name": "RHSA-2025:9506",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9506"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-13484"
        },
        {
          "name": "RHBZ#2269376",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269376"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-13T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-01-28T17:43:15.879Z",
          "value": "Made public."
        }
      ],
      "title": "Openshift-gitops-operator-container: namespace isolation break",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-668: Exposure of Resource to Wrong Sphere"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-13484",
    "datePublished": "2025-01-28T17:54:28.701Z",
    "dateReserved": "2025-01-16T19:04:50.460Z",
    "dateUpdated": "2026-02-25T18:24:30.362Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-57083 (GCVE-0-2024-57083)

Vulnerability from cvelistv5 – Published: 2025-03-28 00:00 – Updated: 2025-04-01 19:13

Summary

A prototype pollution in the component Module.mergeObjects (redoc/bundles/redoc.lib.js:2) of redoc <= 2.2.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Assigner

mitre

References

1 reference

URL	Tags
https://github.com/Redocly/redoc/issues/2499

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-57083",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-01T19:04:31.362668Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-1321",
                "description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-01T19:13:06.925Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/Redocly/redoc/issues/2499"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A prototype pollution in the component Module.mergeObjects (redoc/bundles/redoc.lib.js:2) of redoc \u003c= 2.2.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-03-28T20:33:31.636Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/Redocly/redoc/issues/2499"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-57083",
    "datePublished": "2025-03-28T00:00:00.000Z",
    "dateReserved": "2025-01-09T00:00:00.000Z",
    "dateUpdated": "2025-04-01T19:13:06.925Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-22868 (GCVE-0-2025-22868)

Vulnerability from cvelistv5 – Published: 2025-02-26 03:07 – Updated: 2025-02-26 14:46

Title

Unexpected memory consumption during token parsing in golang.org/x/oauth2

Summary

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-1286 - Improper Validation of Syntactic Correctness of Input

Assigner

References

3 references

URL	Tags
https://go.dev/cl/652155
https://go.dev/issue/71490
https://pkg.go.dev/vuln/GO-2025-3488

Impacted products

1 product

Vendor	Product	Version
golang.org/x/oauth2	golang.org/x/oauth2/jws	Affected: 0 , < 0.27.0 (semver)

Credits

jub0bs

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-22868",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T14:45:27.246610Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-1286",
                "description": "CWE-1286 Improper Validation of Syntactic Correctness of Input",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-26T14:46:20.671Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "golang.org/x/oauth2/jws",
          "product": "golang.org/x/oauth2/jws",
          "programRoutines": [
            {
              "name": "Verify"
            }
          ],
          "vendor": "golang.org/x/oauth2",
          "versions": [
            {
              "lessThan": "0.27.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "jub0bs"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-26T03:07:49.012Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/652155"
        },
        {
          "url": "https://go.dev/issue/71490"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-3488"
        }
      ],
      "title": "Unexpected memory consumption during token parsing in golang.org/x/oauth2"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-22868",
    "datePublished": "2025-02-26T03:07:49.012Z",
    "dateReserved": "2025-01-08T19:11:42.834Z",
    "dateUpdated": "2025-02-26T14:46:20.671Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-22869 (GCVE-0-2025-22869)

Vulnerability from cvelistv5 – Published: 2025-02-26 03:07 – Updated: 2025-04-11 22:03

Title

Potential denial of service in golang.org/x/crypto

Summary

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

References

3 references

URL	Tags
https://go.dev/cl/652135
https://go.dev/issue/71931
https://pkg.go.dev/vuln/GO-2025-3487

Impacted products

1 product

Vendor	Product	Version
golang.org/x/crypto	golang.org/x/crypto/ssh	Affected: 0 , < 0.35.0 (semver)

Credits

Yuichi Watanabe

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-22869",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T14:57:07.968721Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-26T14:57:49.252Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-04-11T22:03:24.222Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250411-0010/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "golang.org/x/crypto/ssh",
          "product": "golang.org/x/crypto/ssh",
          "programRoutines": [
            {
              "name": "newHandshakeTransport"
            },
            {
              "name": "handshakeTransport.recordWriteError"
            },
            {
              "name": "handshakeTransport.kexLoop"
            },
            {
              "name": "handshakeTransport.writePacket"
            },
            {
              "name": "Client.Dial"
            },
            {
              "name": "Client.DialContext"
            },
            {
              "name": "Client.DialTCP"
            },
            {
              "name": "Client.Listen"
            },
            {
              "name": "Client.ListenTCP"
            },
            {
              "name": "Client.ListenUnix"
            },
            {
              "name": "Client.NewSession"
            },
            {
              "name": "Dial"
            },
            {
              "name": "DiscardRequests"
            },
            {
              "name": "NewClient"
            },
            {
              "name": "NewClientConn"
            },
            {
              "name": "NewServerConn"
            },
            {
              "name": "Request.Reply"
            },
            {
              "name": "Session.Close"
            },
            {
              "name": "Session.CombinedOutput"
            },
            {
              "name": "Session.Output"
            },
            {
              "name": "Session.RequestPty"
            },
            {
              "name": "Session.RequestSubsystem"
            },
            {
              "name": "Session.Run"
            },
            {
              "name": "Session.SendRequest"
            },
            {
              "name": "Session.Setenv"
            },
            {
              "name": "Session.Shell"
            },
            {
              "name": "Session.Signal"
            },
            {
              "name": "Session.Start"
            },
            {
              "name": "Session.WindowChange"
            },
            {
              "name": "channel.Accept"
            },
            {
              "name": "channel.Close"
            },
            {
              "name": "channel.CloseWrite"
            },
            {
              "name": "channel.Read"
            },
            {
              "name": "channel.ReadExtended"
            },
            {
              "name": "channel.Reject"
            },
            {
              "name": "channel.SendRequest"
            },
            {
              "name": "channel.Write"
            },
            {
              "name": "channel.WriteExtended"
            },
            {
              "name": "connection.SendAuthBanner"
            },
            {
              "name": "curve25519sha256.Client"
            },
            {
              "name": "curve25519sha256.Server"
            },
            {
              "name": "dhGEXSHA.Client"
            },
            {
              "name": "dhGEXSHA.Server"
            },
            {
              "name": "dhGroup.Client"
            },
            {
              "name": "dhGroup.Server"
            },
            {
              "name": "ecdh.Client"
            },
            {
              "name": "ecdh.Server"
            },
            {
              "name": "extChannel.Read"
            },
            {
              "name": "extChannel.Write"
            },
            {
              "name": "mux.OpenChannel"
            },
            {
              "name": "mux.SendRequest"
            },
            {
              "name": "sessionStdin.Close"
            },
            {
              "name": "sshClientKeyboardInteractive.Challenge"
            },
            {
              "name": "tcpListener.Accept"
            },
            {
              "name": "tcpListener.Close"
            },
            {
              "name": "unixListener.Accept"
            },
            {
              "name": "unixListener.Close"
            }
          ],
          "vendor": "golang.org/x/crypto",
          "versions": [
            {
              "lessThan": "0.35.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Yuichi Watanabe"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-26T03:07:48.855Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/652135"
        },
        {
          "url": "https://go.dev/issue/71931"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-3487"
        }
      ],
      "title": "Potential denial of service in golang.org/x/crypto"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-22869",
    "datePublished": "2025-02-26T03:07:48.855Z",
    "dateReserved": "2025-01-08T19:11:42.834Z",
    "dateUpdated": "2025-04-11T22:03:24.222Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-27144 (GCVE-0-2025-27144)

Vulnerability from cvelistv5 – Published: 2025-02-24 22:22 – Updated: 2025-02-25 14:27

Title

Go JOSE's Parsing Vulnerable to Denial of Service

Summary

Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, ".") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.

Severity

6.6 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

GitHub_M

References

3 references

URL	Tags
https://github.com/go-jose/go-jose/security/advis…	x_refsource_CONFIRM
https://github.com/go-jose/go-jose/commit/99b346c…	x_refsource_MISC
https://github.com/go-jose/go-jose/releases/tag/v4.0.5	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
go-jose	go-jose	Affected: >= 4.0.0, < 4.0.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-27144",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-25T14:26:42.682392Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-25T14:27:04.978Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "go-jose",
          "vendor": "go-jose",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 4.0.0, \u003c 4.0.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters.  An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-24T22:22:22.863Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78"
        },
        {
          "name": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22"
        },
        {
          "name": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5"
        }
      ],
      "source": {
        "advisory": "GHSA-c6gw-w398-hv78",
        "discovery": "UNKNOWN"
      },
      "title": "Go JOSE\u0027s Parsing Vulnerable to Denial of Service"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-27144",
    "datePublished": "2025-02-24T22:22:22.863Z",
    "dateReserved": "2025-02-19T16:30:47.777Z",
    "dateUpdated": "2025-02-25T14:27:04.978Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-29786 (GCVE-0-2025-29786)

Vulnerability from cvelistv5 – Published: 2025-03-17 13:15 – Updated: 2026-01-23 16:29

Title

Memory Exhaustion in Expr Parser with Unrestricted Input

Summary

Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree (AST) node for each part of the expression. In scenarios where input size isn’t limited, a malicious or inadvertent extremely large expression can consume excessive memory as the parser builds a huge AST. This can ultimately lead to*excessive memory usage and an Out-Of-Memory (OOM) crash of the process. This issue is relatively uncommon and will only manifest when there are no restrictions on the input size, i.e. the expression length is allowed to grow arbitrarily large. In typical use cases where inputs are bounded or validated, this problem would not occur. The problem has been patched in the latest versions of the Expr library. The fix introduces compile-time limits on the number of AST nodes and memory usage during parsing, preventing any single expression from exhausting resources. Users should upgrade to Expr version 1.17.0 or later, as this release includes the new node budget and memory limit safeguards. Upgrading to v1.17.0 ensures that extremely deep or large expressions are detected and safely aborted during compilation, avoiding the OOM condition. For users who cannot immediately upgrade, the recommended workaround is to impose an input size restriction before parsing. In practice, this means validating or limiting the length of expression strings that your application will accept. For example, set a maximum allowable number of characters (or nodes) for any expression and reject or truncate inputs that exceed this limit. By ensuring no unbounded-length expression is ever fed into the parser, one can prevent the parser from constructing a pathologically large AST and avoid potential memory exhaustion. In short, pre-validate and cap input size as a safeguard in the absence of the patch.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

GitHub_M

References

3 references

URL	Tags
https://github.com/expr-lang/expr/security/adviso…	x_refsource_CONFIRM
https://github.com/expr-lang/expr/pull/762	x_refsource_MISC
https://github.com/expr-lang/expr/commit/0d194414…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
expr-lang	expr	Affected: < 1.17.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-29786",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-17T13:29:22.591802Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-17T13:29:29.177Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "expr",
          "vendor": "expr-lang",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.17.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree (AST) node for each part of the expression. In scenarios where input size isn\u2019t limited, a malicious or inadvertent extremely large expression can consume excessive memory as the parser builds a huge AST. This can ultimately lead to*excessive memory usage and an Out-Of-Memory (OOM) crash of the process. This issue is relatively uncommon and will only manifest when there are no restrictions on the input size, i.e. the expression length is allowed to grow arbitrarily large. In typical use cases where inputs are bounded or validated, this problem would not occur. The problem has been patched in the latest versions of the Expr library. The fix introduces compile-time limits on the number of AST nodes and memory usage during parsing, preventing any single expression from exhausting resources. Users should upgrade to Expr version 1.17.0 or later, as this release includes the new node budget and memory limit safeguards. Upgrading to v1.17.0 ensures that extremely deep or large expressions are detected and safely aborted during compilation, avoiding the OOM condition. For users who cannot immediately upgrade, the recommended workaround is to impose an input size restriction before parsing. In practice, this means validating or limiting the length of expression strings that your application will accept. For example, set a maximum allowable number of characters (or nodes) for any expression and reject or truncate inputs that exceed this limit. By ensuring no unbounded-length expression is ever fed into the parser, one can prevent the parser from constructing a pathologically large AST and avoid potential memory exhaustion. In short, pre-validate and cap input size as a safeguard in the absence of the patch."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-23T16:29:26.719Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/expr-lang/expr/security/advisories/GHSA-93mq-9ffx-83m2",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/expr-lang/expr/security/advisories/GHSA-93mq-9ffx-83m2"
        },
        {
          "name": "https://github.com/expr-lang/expr/pull/762",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/expr-lang/expr/pull/762"
        },
        {
          "name": "https://github.com/expr-lang/expr/commit/0d19441454426d2f58edb22c31f3ba5f99c7a26e",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/expr-lang/expr/commit/0d19441454426d2f58edb22c31f3ba5f99c7a26e"
        }
      ],
      "source": {
        "advisory": "GHSA-93mq-9ffx-83m2",
        "discovery": "UNKNOWN"
      },
      "title": "Memory Exhaustion in Expr Parser with Unrestricted Input"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-29786",
    "datePublished": "2025-03-17T13:15:32.836Z",
    "dateReserved": "2025-03-11T14:23:00.476Z",
    "dateUpdated": "2026-01-23T16:29:26.719Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-30204 (GCVE-0-2025-30204)

Vulnerability from cvelistv5 – Published: 2025-03-21 21:42 – Updated: 2025-04-10 13:03

Title

jwt-go allows excessive memory allocation during header parsing

Summary

golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request whose Authorization header consists of Bearer followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function's argument), with a constant factor of about 16. This issue is fixed in 5.2.2 and 4.5.2.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-405 - Asymmetric Resource Consumption (Amplification)

Assigner

GitHub_M

References

3 references

URL	Tags
https://github.com/golang-jwt/jwt/security/adviso…	x_refsource_CONFIRM
https://github.com/golang-jwt/jwt/commit/0951d184…	x_refsource_MISC
https://github.com/golang-jwt/jwt/commit/bf316c48…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
golang-jwt	jwt	Affected: >= 3.2.0, < 4.5.2 Affected: >= 5.0.0-rc.1, < 5.2.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-30204",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-24T14:10:18.281694Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-24T14:10:35.776Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-04-04T23:03:13.309Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250404-0002/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "jwt",
          "vendor": "golang-jwt",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 3.2.0, \u003c 4.5.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 5.0.0-rc.1, \u003c 5.2.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request whose Authorization header consists of Bearer  followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function\u0027s argument), with a constant factor of about 16. This issue is fixed in 5.2.2 and 4.5.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-405",
              "description": "CWE-405: Asymmetric Resource Consumption (Amplification)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-10T13:03:19.897Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"
        },
        {
          "name": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3"
        },
        {
          "name": "https://github.com/golang-jwt/jwt/commit/bf316c48137a1212f8d0af9288cc9ce8e59f1afb",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/golang-jwt/jwt/commit/bf316c48137a1212f8d0af9288cc9ce8e59f1afb"
        }
      ],
      "source": {
        "advisory": "GHSA-mh63-6h87-95cp",
        "discovery": "UNKNOWN"
      },
      "title": "jwt-go allows excessive memory allocation during header parsing"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-30204",
    "datePublished": "2025-03-21T21:42:01.382Z",
    "dateReserved": "2025-03-18T18:15:13.849Z",
    "dateUpdated": "2025-04-10T13:03:19.897Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

RHSA-2025:7753

CVE-2023-45288 (GCVE-0-2023-45288)

CVE-2024-13484 (GCVE-0-2024-13484)

CVE-2024-57083 (GCVE-0-2024-57083)

CVE-2025-22868 (GCVE-0-2025-22868)

CVE-2025-22869 (GCVE-0-2025-22869)

CVE-2025-27144 (GCVE-0-2025-27144)

CVE-2025-29786 (GCVE-0-2025-29786)

CVE-2025-30204 (GCVE-0-2025-30204)

Tags

Sightings

Nomenclature