csaf_suse - suse-su-2024:2090-1

SUSE-SU-2024:2090-1

Vulnerability from csaf_suse - Published: 2024-06-19 10:38 - Updated: 2024-06-19 10:38

Summary

Security update for podman

Notes

Title of the patch

Security update for podman

Description of the patch

This update for podman fixes the following issues: - Update to version 4.9.5 - CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. (bsc#1224122) - CVE-2024-24786: Fixed an infinite loop in protojson. (bsc#1226136)

Patchnames

SUSE-2024-2090,SUSE-SLE-Micro-5.3-2024-2090,SUSE-SLE-Micro-5.4-2024-2090,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2090,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2090,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2090,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2090,openSUSE-Leap-Micro-5.3-2024-2090,openSUSE-Leap-Micro-5.4-2024-2090

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for podman",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for podman fixes the following issues:\n\n- Update to version 4.9.5\n- CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. (bsc#1224122)\n- CVE-2024-24786: Fixed an infinite loop in protojson. (bsc#1226136)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-2090,SUSE-SLE-Micro-5.3-2024-2090,SUSE-SLE-Micro-5.4-2024-2090,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2090,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2090,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2090,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2090,openSUSE-Leap-Micro-5.3-2024-2090,openSUSE-Leap-Micro-5.4-2024-2090",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2090-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:2090-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242090-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:2090-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018757.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1224122",
        "url": "https://bugzilla.suse.com/1224122"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1226136",
        "url": "https://bugzilla.suse.com/1226136"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24786 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24786/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-3727 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-3727/"
      }
    ],
    "title": "Security update for podman",
    "tracking": {
      "current_release_date": "2024-06-19T10:38:55Z",
      "generator": {
        "date": "2024-06-19T10:38:55Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:2090-1",
      "initial_release_date": "2024-06-19T10:38:55Z",
      "revision_history": [
        {
          "date": "2024-06-19T10:38:55Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "podman-4.9.5-150400.4.27.1.aarch64",
                "product": {
                  "name": "podman-4.9.5-150400.4.27.1.aarch64",
                  "product_id": "podman-4.9.5-150400.4.27.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-4.9.5-150400.4.27.1.aarch64",
                "product": {
                  "name": "podman-remote-4.9.5-150400.4.27.1.aarch64",
                  "product_id": "podman-remote-4.9.5-150400.4.27.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "podmansh-4.9.5-150400.4.27.1.aarch64",
                "product": {
                  "name": "podmansh-4.9.5-150400.4.27.1.aarch64",
                  "product_id": "podmansh-4.9.5-150400.4.27.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "podman-4.9.5-150400.4.27.1.i586",
                "product": {
                  "name": "podman-4.9.5-150400.4.27.1.i586",
                  "product_id": "podman-4.9.5-150400.4.27.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-4.9.5-150400.4.27.1.i586",
                "product": {
                  "name": "podman-remote-4.9.5-150400.4.27.1.i586",
                  "product_id": "podman-remote-4.9.5-150400.4.27.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "podmansh-4.9.5-150400.4.27.1.i586",
                "product": {
                  "name": "podmansh-4.9.5-150400.4.27.1.i586",
                  "product_id": "podmansh-4.9.5-150400.4.27.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "podman-docker-4.9.5-150400.4.27.1.noarch",
                "product": {
                  "name": "podman-docker-4.9.5-150400.4.27.1.noarch",
                  "product_id": "podman-docker-4.9.5-150400.4.27.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "podman-4.9.5-150400.4.27.1.ppc64le",
                "product": {
                  "name": "podman-4.9.5-150400.4.27.1.ppc64le",
                  "product_id": "podman-4.9.5-150400.4.27.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-4.9.5-150400.4.27.1.ppc64le",
                "product": {
                  "name": "podman-remote-4.9.5-150400.4.27.1.ppc64le",
                  "product_id": "podman-remote-4.9.5-150400.4.27.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "podmansh-4.9.5-150400.4.27.1.ppc64le",
                "product": {
                  "name": "podmansh-4.9.5-150400.4.27.1.ppc64le",
                  "product_id": "podmansh-4.9.5-150400.4.27.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "podman-4.9.5-150400.4.27.1.s390x",
                "product": {
                  "name": "podman-4.9.5-150400.4.27.1.s390x",
                  "product_id": "podman-4.9.5-150400.4.27.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-4.9.5-150400.4.27.1.s390x",
                "product": {
                  "name": "podman-remote-4.9.5-150400.4.27.1.s390x",
                  "product_id": "podman-remote-4.9.5-150400.4.27.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "podmansh-4.9.5-150400.4.27.1.s390x",
                "product": {
                  "name": "podmansh-4.9.5-150400.4.27.1.s390x",
                  "product_id": "podmansh-4.9.5-150400.4.27.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "podman-4.9.5-150400.4.27.1.x86_64",
                "product": {
                  "name": "podman-4.9.5-150400.4.27.1.x86_64",
                  "product_id": "podman-4.9.5-150400.4.27.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-4.9.5-150400.4.27.1.x86_64",
                "product": {
                  "name": "podman-remote-4.9.5-150400.4.27.1.x86_64",
                  "product_id": "podman-remote-4.9.5-150400.4.27.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "podmansh-4.9.5-150400.4.27.1.x86_64",
                "product": {
                  "name": "podmansh-4.9.5-150400.4.27.1.x86_64",
                  "product_id": "podmansh-4.9.5-150400.4.27.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.3",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.3",
                  "product_id": "SUSE Linux Enterprise Micro 5.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-micro:5.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Micro 5.4",
                "product": {
                  "name": "SUSE Linux Enterprise Micro 5.4",
                  "product_id": "SUSE Linux Enterprise Micro 5.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-micro:5.4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap Micro 5.3",
                "product": {
                  "name": "openSUSE Leap Micro 5.3",
                  "product_id": "openSUSE Leap Micro 5.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap-micro:5.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap Micro 5.4",
                "product": {
                  "name": "openSUSE Leap Micro 5.4",
                  "product_id": "openSUSE Leap Micro 5.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap-micro:5.4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
          "product_id": "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.aarch64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
          "product_id": "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.s390x"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
          "product_id": "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.x86_64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
          "product_id": "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.aarch64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
          "product_id": "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.s390x"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
          "product_id": "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.x86_64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.27.1.aarch64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.27.1.x86_64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-docker-4.9.5-150400.4.27.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.27.1.noarch"
        },
        "product_reference": "podman-docker-4.9.5-150400.4.27.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.27.1.aarch64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.27.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.27.1.x86_64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.27.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.aarch64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.x86_64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-docker-4.9.5-150400.4.27.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.27.1.noarch"
        },
        "product_reference": "podman-docker-4.9.5-150400.4.27.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.aarch64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.27.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.x86_64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.27.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.aarch64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.ppc64le"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.s390x"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.x86_64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-docker-4.9.5-150400.4.27.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.27.1.noarch"
        },
        "product_reference": "podman-docker-4.9.5-150400.4.27.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.27.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.aarch64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.27.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.27.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.ppc64le"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.27.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.27.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.s390x"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.27.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.x86_64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.27.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.27.1.ppc64le"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.27.1.x86_64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-docker-4.9.5-150400.4.27.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.27.1.noarch"
        },
        "product_reference": "podman-docker-4.9.5-150400.4.27.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.27.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.27.1.ppc64le"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.27.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-4.9.5-150400.4.27.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.27.1.x86_64"
        },
        "product_reference": "podman-remote-4.9.5-150400.4.27.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.aarch64 as component of openSUSE Leap Micro 5.3",
          "product_id": "openSUSE Leap Micro 5.3:podman-4.9.5-150400.4.27.1.aarch64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap Micro 5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.x86_64 as component of openSUSE Leap Micro 5.3",
          "product_id": "openSUSE Leap Micro 5.3:podman-4.9.5-150400.4.27.1.x86_64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap Micro 5.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.aarch64 as component of openSUSE Leap Micro 5.4",
          "product_id": "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.aarch64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap Micro 5.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.s390x as component of openSUSE Leap Micro 5.4",
          "product_id": "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.s390x"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.s390x",
        "relates_to_product_reference": "openSUSE Leap Micro 5.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-4.9.5-150400.4.27.1.x86_64 as component of openSUSE Leap Micro 5.4",
          "product_id": "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.x86_64"
        },
        "product_reference": "podman-4.9.5-150400.4.27.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap Micro 5.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-24786",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24786"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.27.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.27.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.s390x",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.s390x",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.27.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.27.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.27.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.27.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.27.1.x86_64",
          "openSUSE Leap Micro 5.3:podman-4.9.5-150400.4.27.1.aarch64",
          "openSUSE Leap Micro 5.3:podman-4.9.5-150400.4.27.1.x86_64",
          "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.aarch64",
          "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.s390x",
          "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24786",
          "url": "https://www.suse.com/security/cve/CVE-2024-24786"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226136 for CVE-2024-24786",
          "url": "https://bugzilla.suse.com/1226136"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "openSUSE Leap Micro 5.3:podman-4.9.5-150400.4.27.1.aarch64",
            "openSUSE Leap Micro 5.3:podman-4.9.5-150400.4.27.1.x86_64",
            "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.aarch64",
            "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.s390x",
            "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "openSUSE Leap Micro 5.3:podman-4.9.5-150400.4.27.1.aarch64",
            "openSUSE Leap Micro 5.3:podman-4.9.5-150400.4.27.1.x86_64",
            "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.aarch64",
            "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.s390x",
            "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-19T10:38:55Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-24786"
    },
    {
      "cve": "CVE-2024-3727",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-3727"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.27.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.27.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.s390x",
          "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.s390x",
          "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.27.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.27.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.27.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.27.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.27.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.27.1.x86_64",
          "openSUSE Leap Micro 5.3:podman-4.9.5-150400.4.27.1.aarch64",
          "openSUSE Leap Micro 5.3:podman-4.9.5-150400.4.27.1.x86_64",
          "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.aarch64",
          "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.s390x",
          "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-3727",
          "url": "https://www.suse.com/security/cve/CVE-2024-3727"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224112 for CVE-2024-3727",
          "url": "https://bugzilla.suse.com/1224112"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "openSUSE Leap Micro 5.3:podman-4.9.5-150400.4.27.1.aarch64",
            "openSUSE Leap Micro 5.3:podman-4.9.5-150400.4.27.1.x86_64",
            "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.aarch64",
            "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.s390x",
            "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Micro 5.3:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Micro 5.4:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-4.9.5-150400.4.27.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-docker-4.9.5-150400.4.27.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.27.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:podman-remote-4.9.5-150400.4.27.1.x86_64",
            "openSUSE Leap Micro 5.3:podman-4.9.5-150400.4.27.1.aarch64",
            "openSUSE Leap Micro 5.3:podman-4.9.5-150400.4.27.1.x86_64",
            "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.aarch64",
            "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.s390x",
            "openSUSE Leap Micro 5.4:podman-4.9.5-150400.4.27.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-19T10:38:55Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-3727"
    }
  ]
}

CVE-2024-3727 (GCVE-0-2024-3727)

Vulnerability from cvelistv5 – Published: 2024-05-09 14:57 – Updated: 2025-11-25 15:54

Summary

A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.

Severity ?

8.3 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

CWE

CWE-354 - Improper Validation of Integrity Check Value

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:0045	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:3718	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4159	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4613	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4850	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4960	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:5258	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:5951	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:6054	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:6122	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:6708	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:6818	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:6824	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:7164	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:7174	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:7182	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:7187	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:7922	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:7941	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:8260	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:8425	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:9097	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:9098	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:9102	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:9960	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2024-3727	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2274767	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Affected: 0 , < 5.29.3 (semver)
Affected: 5.30.0 , < 5.30.1 (semver)

Red Hat	OADP-1.3-RHEL-9	Unaffected: 1.3.4-9 , < * (rpm) cpe:/a:redhat:openshift_api_data_protection:1.3::el9
Red Hat	Red Hat Advanced Cluster Security 4.4	Unaffected: 4.4.5-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.4::el8
Red Hat	Red Hat Advanced Cluster Security 4.4	Unaffected: 4.4.5-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.4::el8
Red Hat	Red Hat Advanced Cluster Security 4.4	Unaffected: 4.4.5-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.4::el8
Red Hat	Red Hat Advanced Cluster Security 4.4	Unaffected: 4.4.5-4 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.4::el8
Red Hat	Red Hat Advanced Cluster Security 4.4	Unaffected: 4.4.5-3 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.4::el8
Red Hat	Red Hat Advanced Cluster Security 4.4	Unaffected: 4.4.5-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.4::el8
Red Hat	Red Hat Advanced Cluster Security 4.4	Unaffected: 4.4.5-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.4::el8
Red Hat	Red Hat Advanced Cluster Security 4.4	Unaffected: 4.4.5-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.4::el8
Red Hat	Red Hat Advanced Cluster Security 4.4	Unaffected: 4.4.5-3 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.4::el8
Red Hat	Red Hat Advanced Cluster Security 4.4	Unaffected: 4.4.5-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.4::el8
Red Hat	Red Hat Advanced Cluster Security 4.4	Unaffected: 4.4.5-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.4::el8
Red Hat	Red Hat Advanced Cluster Security 4.4	Unaffected: 4.4.5-3 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.4::el8
Red Hat	Red Hat Advanced Cluster Security 4.4	Unaffected: 4.4.5-3 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.4::el8
Red Hat	Red Hat Advanced Cluster Security 4.5	Unaffected: 4.5.2-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.5::el8
Red Hat	Red Hat Advanced Cluster Security 4.5	Unaffected: 4.5.2-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.5::el8
Red Hat	Red Hat Advanced Cluster Security 4.5	Unaffected: 4.5.2-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.5::el8
Red Hat	Red Hat Advanced Cluster Security 4.5	Unaffected: 4.5.2-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.5::el8
Red Hat	Red Hat Advanced Cluster Security 4.5	Unaffected: 4.5.2-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.5::el8
Red Hat	Red Hat Advanced Cluster Security 4.5	Unaffected: 4.5.2-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.5::el8
Red Hat	Red Hat Advanced Cluster Security 4.5	Unaffected: 4.5.2-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.5::el8
Red Hat	Red Hat Advanced Cluster Security 4.5	Unaffected: 4.5.2-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.5::el8
Red Hat	Red Hat Advanced Cluster Security 4.5	Unaffected: 4.5.2-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.5::el8
Red Hat	Red Hat Advanced Cluster Security 4.5	Unaffected: 4.5.2-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.5::el8
Red Hat	Red Hat Advanced Cluster Security 4.5	Unaffected: 4.5.2-1 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.5::el8
Red Hat	Red Hat Advanced Cluster Security 4.5	Unaffected: 4.5.2-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.5::el8
Red Hat	Red Hat Advanced Cluster Security 4.5	Unaffected: 4.5.2-2 , < * (rpm) cpe:/a:redhat:advanced_cluster_security:4.5::el8
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8100020240808093819.afee755d , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 2:1.37.2-1.el9 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 2:1.16.1-1.el9 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 2:5.2.2-1.el9 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Migration Toolkit for Containers 1.8	Unaffected: v1.8.4-22 , < * (rpm) cpe:/a:redhat:rhmt:1.8::el8
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: 3:4.4.1-14.rhaos4.13.el9 , < * (rpm) cpe:/a:redhat:openshift:4.13::el9 cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift_ironic:4.13::el9
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: 2:1.11.3-3.rhaos4.13.el8 , < * (rpm) cpe:/a:redhat:openshift:4.13::el9 cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift_ironic:4.13::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: v4.14.0-202407260439.p0.g8d9b39e.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el9 cpe:/a:redhat:openshift:4.14::el8
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 3:4.4.1-19.rhaos4.14.el8 , < * (rpm) cpe:/a:redhat:openshift_ironic:4.14::el9 cpe:/a:redhat:openshift:4.14::el9 cpe:/a:redhat:openshift:4.14::el8
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 2:1.11.3-3.rhaos4.14.el9 , < * (rpm) cpe:/a:redhat:openshift_ironic:4.14::el9 cpe:/a:redhat:openshift:4.14::el9 cpe:/a:redhat:openshift:4.14::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409172305.p0.g17536c8.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409171307.p0.ged4651a.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409161436.p0.g1f44c02.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409120135.p0.gf7f5eed.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409131835.p0.gadccbd5.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409120135.p0.g8425d88.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409130735.p0.gc03231f.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409131635.p0.gb73e37f.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409161836.p0.g092d15b.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409180105.p0.g1fdd5b0.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409180905.p0.gf6f61ca.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409171307.p0.g160e7ca.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409131635.p0.gb7c1d6a.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409111636.p0.gf0c44f6.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409120135.p0.g3ab953d.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409111636.p0.g9ea52de.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409111636.p0.gd80fe46.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409120135.p0.g8de6f94.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409171307.p0.g5d529dd.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409130536.p0.g1d6a7ed.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409161436.p0.g4121cfc.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409120135.p0.g71a6f28.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409180705.p0.g95ee44e.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202409161234.p0.g4e8d689.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 415.92.202409162258-0 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 3:4.4.1-30.rhaos4.15.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8 cpe:/a:redhat:openshift_ironic:4.15::el9
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 2:1.11.3-4.rhaos4.15.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8 cpe:/a:redhat:openshift_ironic:4.15::el9
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202410230304.p0.g366295f.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202410230304.p0.gfde2b2e.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202407230407.p0.gf3f8de5.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.16	Unaffected: 4:4.9.4-5.1.rhaos4.16.el8 , < * (rpm) cpe:/a:redhat:openshift:4.16::el8 cpe:/a:redhat:openshift_ironic:4.16::el9 cpe:/a:redhat:openshift:4.16::el9
Red Hat	Red Hat OpenShift Container Platform 4.16	Unaffected: 2:1.14.4-1.rhaos4.16.el9 , < * (rpm) cpe:/a:redhat:openshift:4.16::el8 cpe:/a:redhat:openshift_ironic:4.16::el9 cpe:/a:redhat:openshift:4.16::el9
Red Hat	Red Hat OpenShift Container Platform 4.16	Unaffected: 0:1.29.5-7.rhaos4.16.git7db4ada.el9 , < * (rpm) cpe:/a:redhat:openshift:4.16::el8 cpe:/a:redhat:openshift:4.16::el9
Red Hat	Red Hat OpenShift Container Platform 4.16	Unaffected: v4.16.0-202407171536.p0.g1551101.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.16::el9
Red Hat	Red Hat OpenShift Container Platform 4.16	Unaffected: v4.16.0-202409162206.p0.g6a425ab.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.16::el9
Red Hat	Red Hat OpenShift Container Platform 4.16	Unaffected: v4.16.0-202409231504.p0.g342902b.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.16::el9
Red Hat	Red Hat OpenShift Container Platform 4.16	Unaffected: v4.16.0-202410172201.p0.gb121e87.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.16::el9
Red Hat	Red Hat OpenShift Container Platform 4.17	Unaffected: v4.17.0-202409122005.p0.gb170ad0.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.17::el9
Red Hat	Red Hat OpenShift Container Platform 4.17	Unaffected: v4.17.0-202409100034.p0.g8d16b39.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.17::el9
Red Hat	Red Hat OpenShift Container Platform 4.17	Unaffected: v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.17::el9
Red Hat	Red Hat OpenShift Container Platform 4.17	Unaffected: v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.17::el9
Red Hat	Red Hat OpenShift Container Platform 4.17	Unaffected: v4.17.0-202410022234.p0.gfbc55c6.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.17::el9
Red Hat	Red Hat OpenShift Container Platform 4.18	Unaffected: v4.18.0-202502100934.p0.gc00c7c9.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.18::el9
Red Hat	Red Hat OpenShift Container Platform 4.18	Unaffected: v4.18.0-202502040032.p0.ge5a4005.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.18::el9
Red Hat	Red Hat OpenShift Container Platform 4.18	Unaffected: v4.18.0-202502041302.p0.g51a74ac.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.18::el9
Red Hat	Red Hat OpenShift Container Platform 4.18	Unaffected: v4.18.0-202501230001.p0.g5348c85.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.18::el9
Red Hat	Red Hat OpenShift Container Platform 4.18	Unaffected: v4.18.0-202502100153.p0.g120ba67.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.18::el9
Red Hat	Red Hat OpenShift Container Platform 4.18	Unaffected: v4.18.0-202502060238.p0.g73d65db.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.18::el9
Red Hat	RHEL-9-CNV-4.15	Unaffected: v4.15.5-7 , < * (rpm) cpe:/a:redhat:container_native_virtualization:4.15::el9
Red Hat	Multicluster Engine for Kubernetes	cpe:/a:redhat:multicluster_engine
Red Hat	Multicluster Engine for Kubernetes	cpe:/a:redhat:multicluster_engine
Red Hat	Multicluster Engine for Kubernetes	cpe:/a:redhat:multicluster_engine
Red Hat	Multicluster Engine for Kubernetes	cpe:/a:redhat:multicluster_engine
Red Hat	Multicluster Engine for Kubernetes	cpe:/a:redhat:multicluster_engine
Red Hat	OpenShift Developer Tools and Services	cpe:/a:redhat:ocp_tools
Red Hat	OpenShift Developer Tools and Services	cpe:/a:redhat:ocp_tools
Red Hat	OpenShift Serverless	cpe:/a:redhat:serverless:1
Red Hat	OpenShift Serverless	cpe:/a:redhat:serverless:1
Red Hat	OpenShift Source-to-Image (S2I)	cpe:/a:redhat:source_to_image:1
Red Hat	Red Hat Advanced Cluster Management for Kubernetes 2	cpe:/a:redhat:acm:2
Red Hat	Red Hat Advanced Cluster Security 3	cpe:/a:redhat:advanced_cluster_security:3
Red Hat	Red Hat Advanced Cluster Security 3	cpe:/a:redhat:advanced_cluster_security:3
Red Hat	Red Hat Advanced Cluster Security 3	cpe:/a:redhat:advanced_cluster_security:3
Red Hat	Red Hat Advanced Cluster Security 3	cpe:/a:redhat:advanced_cluster_security:3
Red Hat	Red Hat Advanced Cluster Security 3	cpe:/a:redhat:advanced_cluster_security:3
Red Hat	Red Hat Advanced Cluster Security 3	cpe:/a:redhat:advanced_cluster_security:3
Red Hat	Red Hat Advanced Cluster Security 3	cpe:/a:redhat:advanced_cluster_security:3
Red Hat	Red Hat Advanced Cluster Security 3	cpe:/a:redhat:advanced_cluster_security:3
Red Hat	Red Hat Ansible Automation Platform 1.2	cpe:/a:redhat:ansible_automation_platform
Red Hat	Red Hat Ansible Automation Platform 2	cpe:/a:redhat:ansible_automation_platform:2
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat OpenShift Container Platform 3.11	cpe:/a:redhat:openshift:3.11
Red Hat	Red Hat OpenShift Container Platform 3.11	cpe:/a:redhat:openshift:3.11
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform Assisted Installer 1	cpe:/a:redhat:assisted_installer:1
Red Hat	Red Hat OpenShift Container Platform Assisted Installer 1	cpe:/a:redhat:assisted_installer:1
Red Hat	Red Hat OpenShift Container Platform Assisted Installer 1	cpe:/a:redhat:assisted_installer:1
Red Hat	Red Hat OpenShift Dev Spaces	cpe:/a:redhat:openshift_devspaces:3:
Red Hat	Red Hat Openshift Sandboxed Containers	cpe:/a:redhat:openshift_sandboxed_containers:1
Red Hat	Red Hat Openshift Sandboxed Containers	cpe:/a:redhat:openshift_sandboxed_containers:1
Red Hat	Red Hat OpenShift Virtualization 4	cpe:/a:redhat:container_native_virtualization:4
Red Hat	Red Hat OpenShift Virtualization 4	cpe:/a:redhat:container_native_virtualization:4
Red Hat	Red Hat OpenShift Virtualization 4	cpe:/a:redhat:container_native_virtualization:4
Red Hat	Red Hat OpenShift Virtualization 4	cpe:/a:redhat:container_native_virtualization:4
Red Hat	Red Hat OpenShift Virtualization 4	cpe:/a:redhat:container_native_virtualization:4
Red Hat	Red Hat OpenShift Virtualization 4	cpe:/a:redhat:container_native_virtualization:4
Red Hat	Red Hat OpenShift Virtualization 4	cpe:/a:redhat:container_native_virtualization:4
Red Hat	Red Hat OpenShift Virtualization 4	cpe:/a:redhat:container_native_virtualization:4
Red Hat	Red Hat OpenShift Virtualization 4	cpe:/a:redhat:container_native_virtualization:4
Red Hat	Red Hat OpenShift Virtualization 4	cpe:/a:redhat:container_native_virtualization:4
Red Hat	Red Hat OpenShift Virtualization 4	cpe:/a:redhat:container_native_virtualization:4
Red Hat	Red Hat OpenShift Virtualization 4	cpe:/a:redhat:container_native_virtualization:4
Red Hat	Red Hat OpenShift Virtualization 4	cpe:/a:redhat:container_native_virtualization:4
Red Hat	Red Hat OpenStack Platform 16.2	cpe:/a:redhat:openstack:16.2
Red Hat	Red Hat Quay 3	cpe:/a:redhat:quay:3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3727",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-13T17:59:41.318223Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:33:13.046Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:20:01.029Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:0045",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0045"
          },
          {
            "name": "RHSA-2024:4159",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4159"
          },
          {
            "name": "RHSA-2024:4613",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4613"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-3727"
          },
          {
            "name": "RHBZ#2274767",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274767"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HEYS34N55G7NOQZKNEXZKQVNDGEICCD/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6B37TXOKTKDBE2V26X2NSP7JKNMZOFVP/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CYT3D2P3OJKISNFKOOHGY6HCUCQZYAVR/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLND3YDQQRWVRIUPL2G5UKXP5L3VSBBT/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTOMYERG5ND4QFDHC4ZSGCED3T3ESRSC/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FBZQ2ZRMFEUQ35235B2HWPSXGDCBZHFV/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD2GSBQTBLYADASUBHHZV2CZPTSLIPQJ/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QFXMF3VVKIZN7ZMB7PKZCSWV6MOMTGMQ/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFVSMR7TNLO2KPWJSW4CF64C2QMQXCIN/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/containers/image",
          "defaultStatus": "unaffected",
          "packageName": "image",
          "versions": [
            {
              "lessThan": "5.29.3",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.30.1",
              "status": "affected",
              "version": "5.30.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_api_data_protection:1.3::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "oadp/oadp-velero-plugin-rhel9",
          "product": "OADP-1.3-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1.3.4-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-collector-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-collector-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-rhel8-operator",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-collector-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-collector-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-rhel8-operator",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240808093819.afee755d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.37.2-1.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.16.1-1.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:5.2.2-1.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhmt:1.8::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhmtc/openshift-migration-controller-rhel8",
          "product": "Red Hat Migration Toolkit for Containers 1.8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.8.4-22",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift_ironic:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-14.rhaos4.13.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift_ironic:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.11.3-3.rhaos4.13.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-lifecycle-manager",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.14.0-202407260439.p0.g8d9b39e.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ironic:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-19.rhaos4.14.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ironic:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.11.3-3.rhaos4.14.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/network-tools-rhel8",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409172305.p0.g17536c8.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-api-server-rhel8",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409171307.p0.ged4651a.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-node-agent-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409161436.p0.g1f44c02.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-alibaba-machine-controllers-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409120135.p0.gf7f5eed.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-apiserver-network-proxy-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409131835.p0.gadccbd5.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-autoscaler-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409120135.p0.g8425d88.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-control-plane-machine-set-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409130735.p0.gc03231f.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-ingress-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409131635.p0.gb73e37f.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-network-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409161836.p0.g092d15b.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-node-tuning-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409180105.p0.g1fdd5b0.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-console",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409180905.p0.gf6f61ca.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409171307.p0.g160e7ca.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-hypershift-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409131635.p0.gb7c1d6a.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-insights-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409111636.p0.gf0c44f6.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-machine-api-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409120135.p0.g3ab953d.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-multus-admission-controller-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409111636.p0.g9ea52de.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409111636.p0.gd80fe46.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-nutanix-machine-controllers-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409120135.p0.g8de6f94.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-openshift-controller-manager-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409171307.p0.g5d529dd.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-lifecycle-manager-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-registry-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-ovn-kubernetes-microshift-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-ovn-kubernetes-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-powervs-cloud-controller-manager-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409130536.p0.g1d6a7ed.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-powervs-machine-controllers-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409161436.p0.g4121cfc.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-sdn-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409120135.p0.g71a6f28.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-tests",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409180705.p0.g95ee44e.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-tools-rhel8",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409161234.p0.g4e8d689.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "415.92.202409162258-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8",
            "cpe:/a:redhat:openshift_ironic:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-30.rhaos4.15.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8",
            "cpe:/a:redhat:openshift_ironic:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.11.3-4.rhaos4.15.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-node-agent-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202410230304.p0.g366295f.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-orchestrator-rhel8",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202410230304.p0.gfde2b2e.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-lifecycle-manager-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202407230407.p0.gf3f8de5.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el8",
            "cpe:/a:redhat:openshift_ironic:4.16::el9",
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:4.9.4-5.1.rhaos4.16.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el8",
            "cpe:/a:redhat:openshift_ironic:4.16::el9",
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.14.4-1.rhaos4.16.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el8",
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.29.5-7.rhaos4.16.git7db4ada.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-lifecycle-manager-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-202407171536.p0.g1551101.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-machine-config-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-202409162206.p0.g6a425ab.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-orchestrator-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-202409231504.p0.g342902b.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-node-agent-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-202410172201.p0.gb121e87.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-machine-config-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.0-202409122005.p0.gb170ad0.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-olm-operator-controller-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.0-202409100034.p0.g8d16b39.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-lifecycle-manager-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-registry-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-orchestrator-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.0-202410022234.p0.gfbc55c6.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/oc-mirror-plugin-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.0-202502100934.p0.gc00c7c9.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-api-server-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.0-202502040032.p0.ge5a4005.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-node-agent-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.0-202502041302.p0.g51a74ac.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-orchestrator-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.0-202501230001.p0.g5348c85.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-machine-config-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.0-202502100153.p0.g120ba67.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-openshift-apiserver-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.0-202502060238.p0.g73d65db.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-controller-rhel9",
          "product": "RHEL-9-CNV-4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.5-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:multicluster_engine"
          ],
          "defaultStatus": "unaffected",
          "packageName": "multicluster-engine/agent-service-rhel8",
          "product": "Multicluster Engine for Kubernetes",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:multicluster_engine"
          ],
          "defaultStatus": "unaffected",
          "packageName": "multicluster-engine/assisted-installer-agent-rhel8",
          "product": "Multicluster Engine for Kubernetes",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:multicluster_engine"
          ],
          "defaultStatus": "unaffected",
          "packageName": "multicluster-engine/assisted-installer-reporter-rhel8",
          "product": "Multicluster Engine for Kubernetes",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:multicluster_engine"
          ],
          "defaultStatus": "unaffected",
          "packageName": "multicluster-engine/assisted-installer-rhel8",
          "product": "Multicluster Engine for Kubernetes",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:multicluster_engine"
          ],
          "defaultStatus": "unaffected",
          "packageName": "multicluster-engine/hive-rhel8",
          "product": "Multicluster Engine for Kubernetes",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ocp_tools"
          ],
          "defaultStatus": "affected",
          "packageName": "ocp-tools-4/jenkins-agent-base-rhel8",
          "product": "OpenShift Developer Tools and Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ocp_tools"
          ],
          "defaultStatus": "affected",
          "packageName": "ocp-tools-4/jenkins-rhel8",
          "product": "OpenShift Developer Tools and Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-serverless-1/client-kn-rhel8",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-serverless-clients",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:source_to_image:1"
          ],
          "defaultStatus": "affected",
          "packageName": "source-to-image-container",
          "product": "OpenShift Source-to-Image (S2I)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhacm2/submariner-rhel8-operator",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-rhel8-operator",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "unaffected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-rhel8",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift-clients",
          "product": "Red Hat Ansible Automation Platform 1.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift-clients",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "conmon",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "containers-common",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "osbuild-composer",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "skopeo",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "skopeo",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/buildah",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/conmon",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/containers-common",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:4.0/podman",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/skopeo",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "osbuild-composer",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "conmon",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "containers-common",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "osbuild-composer",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:3.11"
          ],
          "defaultStatus": "unknown",
          "packageName": "atomic-openshift",
          "product": "Red Hat OpenShift Container Platform 3.11",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:3.11"
          ],
          "defaultStatus": "unknown",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 3.11",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "conmon",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "containers-common",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-csr-approver-rhel8",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift4/ose-baremetal-installer-rhel8",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cli",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cli-artifacts",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-deployer",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-installer",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift4/ose-installer-altinfra-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift4/ose-installer-artifacts",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-olm-rukpak-rhel8",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift4/ose-openshift-proxy-pull-test-rhel8",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-clients",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "ose-installer-terraform-providers-container",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:assisted_installer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhai-tech-preview/assisted-installer-agent-rhel8",
          "product": "Red Hat OpenShift Container Platform Assisted Installer 1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:assisted_installer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhai-tech-preview/assisted-installer-reporter-rhel8",
          "product": "Red Hat OpenShift Container Platform Assisted Installer 1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:assisted_installer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhai-tech-preview/assisted-installer-rhel8",
          "product": "Red Hat OpenShift Container Platform Assisted Installer 1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_devspaces:3:"
          ],
          "defaultStatus": "affected",
          "packageName": "devspaces/udi-rhel8",
          "product": "Red Hat OpenShift Dev Spaces",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_sandboxed_containers:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-sandboxed-containers/osc-must-gather-rhel8",
          "product": "Red Hat Openshift Sandboxed Containers",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_sandboxed_containers:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-sandboxed-containers/osc-rhel8-operator",
          "product": "Red Hat Openshift Sandboxed Containers",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-apiserver",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-apiserver-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-cloner",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-cloner-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-controller",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-importer",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-importer-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-operator",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-operator-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-uploadproxy",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-uploadproxy-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-uploadserver",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-uploadserver-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "affected",
          "packageName": "osp-director-provisioner-container",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:quay:3"
          ],
          "defaultStatus": "unaffected",
          "packageName": "quay/quay-builder-rhel8",
          "product": "Red Hat Quay 3",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-05-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-354",
              "description": "Improper Validation of Integrity Check Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-25T15:54:59.863Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:0045",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0045"
        },
        {
          "name": "RHSA-2024:3718",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3718"
        },
        {
          "name": "RHSA-2024:4159",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4159"
        },
        {
          "name": "RHSA-2024:4613",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4613"
        },
        {
          "name": "RHSA-2024:4850",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4850"
        },
        {
          "name": "RHSA-2024:4960",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4960"
        },
        {
          "name": "RHSA-2024:5258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:5258"
        },
        {
          "name": "RHSA-2024:5951",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:5951"
        },
        {
          "name": "RHSA-2024:6054",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6054"
        },
        {
          "name": "RHSA-2024:6122",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6122"
        },
        {
          "name": "RHSA-2024:6708",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6708"
        },
        {
          "name": "RHSA-2024:6818",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6818"
        },
        {
          "name": "RHSA-2024:6824",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6824"
        },
        {
          "name": "RHSA-2024:7164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7164"
        },
        {
          "name": "RHSA-2024:7174",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7174"
        },
        {
          "name": "RHSA-2024:7182",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7182"
        },
        {
          "name": "RHSA-2024:7187",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7187"
        },
        {
          "name": "RHSA-2024:7922",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7922"
        },
        {
          "name": "RHSA-2024:7941",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7941"
        },
        {
          "name": "RHSA-2024:8260",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8260"
        },
        {
          "name": "RHSA-2024:8425",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8425"
        },
        {
          "name": "RHSA-2024:9097",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9097"
        },
        {
          "name": "RHSA-2024:9098",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9098"
        },
        {
          "name": "RHSA-2024:9102",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9102"
        },
        {
          "name": "RHSA-2024:9960",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9960"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-3727"
        },
        {
          "name": "RHBZ#2274767",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274767"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-12T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-05-09T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Containers/image: digest type does not guarantee valid type",
      "x_redhatCweChain": "CWE-354: Improper Validation of Integrity Check Value"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-3727",
    "datePublished": "2024-05-09T14:57:21.327Z",
    "dateReserved": "2024-04-12T17:56:37.261Z",
    "dateUpdated": "2025-11-25T15:54:59.863Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-24786 (GCVE-0-2024-24786)

Vulnerability from cvelistv5 – Published: 2024-03-05 22:22 – Updated: 2025-02-13 17:40

Summary

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-1286 - Improper Validation of Syntactic Correctness of Input

Assigner

References

URL

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

SUSE-SU-2024:2090-1

CVE-2024-3727 (GCVE-0-2024-3727)

CVE-2024-24786 (GCVE-0-2024-24786)

Tags

Sightings

Nomenclature