Vulnerability-Lookup

WID-SEC-W-2024-1474

Vulnerability from csaf_certbund - Published: 2024-06-27 22:00 - Updated: 2025-08-26 22:00

Summary

Red Hat OpenShift Container Platform: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.

Angriff: Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder Daten zu manipulieren.

Betroffene Betriebssysteme: - Linux

CVE-2019-25210

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2023-29483

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2023-45142

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2023-45289

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2023-45290

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2023-47108

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2023-48795

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2023-52425

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-0874

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-1394

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-22189

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-2398

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-24783

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-24784

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-24785

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-24786

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-28110

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-28176

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-28180

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-28757

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-28849

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-29180

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-3177

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

CVE-2024-3727

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
Red Hat OpenShift Container Platform <4.12.63 Red Hat / OpenShift		Container Platform <4.12.63
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.16.1 Red Hat / OpenShift		Container Platform <4.16.1
Red Hat Ansible Automation Platform Red Hat	`cpe:/a:redhat:ansible_automation_platform:-`	—
Red Hat OpenShift Container Platform <4.15.28 Red Hat / OpenShift		Container Platform <4.15.28
Red Hat OpenShift Container Platform <4.14.38 Red Hat / OpenShift		Container Platform <4.14.38
Red Hat OpenShift <4.16.24 Red Hat / OpenShift		<4.16.24
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Red Hat OpenShift Run Once Duration Override Operator 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:run_once_duration_override_operator_1`	Run Once Duration Override Operator 1
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat OpenShift Container Platform <4.16.0 Red Hat / OpenShift		Container Platform <4.16.0
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift API for Data Protection 1 Red Hat / OpenShift	`cpe:/a:redhat:openshift:api_for_data_protection_1`	API for Data Protection 1
Red Hat OpenShift Virtualization <4.15.5 Red Hat / OpenShift		Virtualization <4.15.5
Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4`	Advanced Cluster Security for Kubernetes 4
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Secondary Scheduler Operator Red Hat / OpenShift	`cpe:/a:redhat:openshift:::secondary_scheduler_operator`	Secondary Scheduler Operator
Red Hat OpenShift Kube Descheduler Operator 5 Red Hat / OpenShift	`cpe:/a:redhat:openshift:kube_descheduler_operator_5`	Kube Descheduler Operator 5
Red Hat OpenShift Container Platform <4.16.23 Red Hat / OpenShift		Container Platform <4.16.23
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Red Hat OpenShift Container Platform <4.18.10 Red Hat / OpenShift		Container Platform <4.18.10

References

66 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://access.redhat.com/errata/RHSA-2024:0040	external
https://access.redhat.com/errata/RHSA-2024:0041	external
https://access.redhat.com/errata/RHSA-2024:0043	external
https://access.redhat.com/errata/RHSA-2024:0045	external
https://access.redhat.com/errata/RHSA-2024:3637	external
https://access.redhat.com/errata/RHSA-2024:3617	external
https://access.redhat.com/errata/RHSA-2024:1616	external
https://errata.build.resf.org/RLSA-2024:3968	external
https://access.redhat.com/errata/RHSA-2024:4150	external
https://access.redhat.com/errata/RHSA-2024:4159	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://access.redhat.com/errata/RHSA-2024:4591	external
https://access.redhat.com/errata/RHSA-2024:4613	external
https://access.redhat.com/errata/RHSA-2024:4699	external
https://access.redhat.com/errata/RHSA-2024:4850	external
https://access.redhat.com/errata/RHSA-2024:4846	external
https://access.redhat.com/errata/RHSA-2024:4960	external
https://access.redhat.com/errata/RHSA-2024:5094	external
https://access.redhat.com/errata/RHSA-2024:5258	external
https://alas.aws.amazon.com/AL2/ALASNITRO-ENCLAVE…	external
https://access.redhat.com/errata/RHSA-2024:5294	external
https://linux.oracle.com/errata/ELSA-2024-5294.html	external
https://linux.oracle.com/errata/ELSA-2024-5258.html	external
https://access.redhat.com/errata/RHSA-2024:5200	external
https://access.redhat.com/errata/RHSA-2024:5202	external
https://access.redhat.com/errata/RHSA-2024:5438	external
https://access.redhat.com/errata/RHSA-2024:5951	external
https://access.redhat.com/errata/RHSA-2024:6054	external
https://access.redhat.com/errata/RHSA-2024:6708	external
https://access.redhat.com/errata/RHSA-2024:6755	external
https://access.redhat.com/errata/RHSA-2024:6687	external
https://access.redhat.com/errata/RHSA-2024:6824	external
https://access.redhat.com/errata/RHSA-2024:7164	external
https://access.redhat.com/errata/RHSA-2024:7179	external
https://access.redhat.com/errata/RHSA-2024:7174	external
https://access.redhat.com/errata/RHSA-2024:7182	external
https://access.redhat.com/errata/RHSA-2024:3718	external
https://access.redhat.com/errata/RHSA-2024:7436	external
https://access.redhat.com/errata/RHSA-2024:3717	external
https://access.redhat.com/errata/RHSA-2024:7187	external
https://access.redhat.com/errata/RHSA-2024:7184	external
https://access.redhat.com/errata/RHSA-2024:7323	external
https://access.redhat.com/errata/RHSA-2024:8040	external
https://access.redhat.com/errata/RHSA-2024:7922	external
https://access.redhat.com/errata/RHSA-2024:7941	external
https://access.redhat.com/errata/RHSA-2024:8260	external
https://access.redhat.com/errata/RHSA-2024:8534	external
https://access.redhat.com/errata/RHSA-2024:8434	external
https://access.redhat.com/errata/RHSA-2024:8425	external
https://access.redhat.com/errata/RHSA-2024:8676	external
https://access.redhat.com/errata/RHSA-2024:9181	external
https://access.redhat.com/errata/RHSA-2024:9098	external
https://access.redhat.com/errata/RHSA-2024:9097	external
https://access.redhat.com/errata/RHSA-2024:9102	external
https://access.redhat.com/errata/RHSA-2024:9960	external
https://access.redhat.com/errata/RHSA-2024:9615	external
https://access.redhat.com/errata/RHSA-2024:10147	external
https://access.redhat.com/errata/RHSA-2024:8704	external
https://access.redhat.com/errata/RHSA-2024:11293	external
https://access.redhat.com/errata/RHSA-2024:6122	external
https://access.redhat.com/errata/RHSA-2025:4019	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.opensuse.org/archives/list/security…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder lokaler Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen oder Daten zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1474 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1474.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1474 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1474"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0040 vom 2024-06-27",
        "url": "https://access.redhat.com/errata/RHSA-2024:0040"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0041 vom 2024-06-27",
        "url": "https://access.redhat.com/errata/RHSA-2024:0041"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0043 vom 2024-06-27",
        "url": "https://access.redhat.com/errata/RHSA-2024:0043"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0045 vom 2024-06-27",
        "url": "https://access.redhat.com/errata/RHSA-2024:0045"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3637 vom 2024-07-01",
        "url": "https://access.redhat.com/errata/RHSA-2024:3637"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3617 vom 2024-07-01",
        "url": "https://access.redhat.com/errata/RHSA-2024:3617"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1616 vom 2024-07-01",
        "url": "https://access.redhat.com/errata/RHSA-2024:1616"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:3968 vom 2024-07-02",
        "url": "https://errata.build.resf.org/RLSA-2024:3968"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4150 vom 2024-07-03",
        "url": "https://access.redhat.com/errata/RHSA-2024:4150"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4159 vom 2024-07-03",
        "url": "https://access.redhat.com/errata/RHSA-2024:4159"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-BD8FE42929 vom 2024-07-06",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-bd8fe42929"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4591 vom 2024-07-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:4591"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4613 vom 2024-07-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:4613"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4699 vom 2024-07-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:4699"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4850 vom 2024-07-31",
        "url": "https://access.redhat.com/errata/RHSA-2024:4850"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4846 vom 2024-07-31",
        "url": "https://access.redhat.com/errata/RHSA-2024:4846"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:4960 vom 2024-08-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:4960"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5094 vom 2024-08-08",
        "url": "https://access.redhat.com/errata/RHSA-2024:5094"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5258 vom 2024-08-13",
        "url": "https://access.redhat.com/errata/RHSA-2024:5258"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASNITRO-ENCLAVES-2024-042 vom 2024-08-13",
        "url": "https://alas.aws.amazon.com/AL2/ALASNITRO-ENCLAVES-2024-042.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5294 vom 2024-08-14",
        "url": "https://access.redhat.com/errata/RHSA-2024:5294"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-5294 vom 2024-08-14",
        "url": "https://linux.oracle.com/errata/ELSA-2024-5294.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-5258 vom 2024-08-14",
        "url": "https://linux.oracle.com/errata/ELSA-2024-5258.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5200 vom 2024-08-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:5200"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5202 vom 2024-08-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:5202"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5438 vom 2024-08-21",
        "url": "https://access.redhat.com/errata/RHSA-2024:5438"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:5951 vom 2024-08-28",
        "url": "https://access.redhat.com/errata/RHSA-2024:5951"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6054 vom 2024-08-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:6054"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6708 vom 2024-09-16",
        "url": "https://access.redhat.com/errata/RHSA-2024:6708"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6755 vom 2024-09-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:6755"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6687 vom 2024-09-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:6687"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6824 vom 2024-09-24",
        "url": "https://access.redhat.com/errata/RHSA-2024:6824"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7164 vom 2024-09-26",
        "url": "https://access.redhat.com/errata/RHSA-2024:7164"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7179 vom 2024-10-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:7179"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7174 vom 2024-10-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:7174"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7179 vom 2024-10-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:7182"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3718 vom 2024-10-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:3718"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7436 vom 2024-10-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:7436"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3717 vom 2024-10-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:3717"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7187 vom 2024-10-03",
        "url": "https://access.redhat.com/errata/RHSA-2024:7187"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7184 vom 2024-10-03",
        "url": "https://access.redhat.com/errata/RHSA-2024:7184"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7323 vom 2024-10-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:7323"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8040 vom 2024-10-14",
        "url": "https://access.redhat.com/errata/RHSA-2024:8040"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7922 vom 2024-10-16",
        "url": "https://access.redhat.com/errata/RHSA-2024:7922"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:7939 vom 2024-10-16",
        "url": "https://access.redhat.com/errata/RHSA-2024:7941"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8260 vom 2024-10-24",
        "url": "https://access.redhat.com/errata/RHSA-2024:8260"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8534 vom 2024-10-28",
        "url": "https://access.redhat.com/errata/RHSA-2024:8534"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8434 vom 2024-10-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:8434"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8425 vom 2024-10-31",
        "url": "https://access.redhat.com/errata/RHSA-2024:8425"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8676 vom 2024-10-30",
        "url": "https://access.redhat.com/errata/RHSA-2024:8676"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9181 vom 2024-11-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:9181"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9098 vom 2024-11-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:9098"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9097 vom 2024-11-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:9097"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9102 vom 2024-11-12",
        "url": "https://access.redhat.com/errata/RHSA-2024:9102"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9960 vom 2024-11-19",
        "url": "https://access.redhat.com/errata/RHSA-2024:9960"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9615 vom 2024-11-20",
        "url": "https://access.redhat.com/errata/RHSA-2024:9615"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:10147 vom 2024-11-26",
        "url": "https://access.redhat.com/errata/RHSA-2024:10147"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:8704 vom 2024-12-02",
        "url": "https://access.redhat.com/errata/RHSA-2024:8704"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:11293 vom 2024-12-17",
        "url": "https://access.redhat.com/errata/RHSA-2024:11293"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6122 vom 2025-02-25",
        "url": "https://access.redhat.com/errata/RHSA-2024:6122"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:4019 vom 2025-04-23",
        "url": "https://access.redhat.com/errata/RHSA-2025:4019"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20013-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021364.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20055-1 vom 2025-06-04",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021310.html"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2025:0323-1 vom 2025-08-26",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TAOZOXVVSHLUMSNGQ4WCSWQAB5DM7EZH/"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat OpenShift Container Platform: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-08-26T22:00:00.000+00:00",
      "generator": {
        "date": "2025-08-27T11:46:37.250+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2024-1474",
      "initial_release_date": "2024-06-27T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-06-27T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-06-30T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-02T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation und Red Hat aufgenommen"
        },
        {
          "date": "2024-07-03T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-07T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2024-07-17T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-24T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-25T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-30T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-07-31T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-07T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-12T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-13T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2024-08-14T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-08-18T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-20T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-28T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-08-29T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-09-16T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-09-18T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-09-24T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-09-25T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-01T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-03T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-07T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-13T22:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-15T22:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-16T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-23T22:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-28T23:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-29T23:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-10-30T23:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-11T23:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-18T23:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-19T23:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-26T23:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-12-02T23:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-12-17T23:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-02-24T23:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-04-22T22:00:00.000+00:00",
          "number": "40",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-06-04T22:00:00.000+00:00",
          "number": "41",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-08-26T22:00:00.000+00:00",
          "number": "42",
          "summary": "Neue Updates von openSUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "42"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Ansible Automation Platform",
            "product": {
              "name": "Red Hat Ansible Automation Platform",
              "product_id": "T031834",
              "product_identification_helper": {
                "cpe": "cpe:/a:redhat:ansible_automation_platform:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Advanced Cluster Security for Kubernetes 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4",
                  "product_id": "T027916",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Advanced Cluster Security for Kubernetes 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4",
                  "product_id": "T033787",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Secondary Scheduler Operator",
                "product": {
                  "name": "Red Hat OpenShift Secondary Scheduler Operator",
                  "product_id": "T027759",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:::secondary_scheduler_operator"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Kube Descheduler Operator 5",
                "product": {
                  "name": "Red Hat OpenShift Kube Descheduler Operator 5",
                  "product_id": "T033270",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:kube_descheduler_operator_5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.16.0",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.16.0",
                  "product_id": "T035697"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.16.0",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.16.0",
                  "product_id": "T035697-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.16.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "Run Once Duration Override Operator 1",
                "product": {
                  "name": "Red Hat OpenShift Run Once Duration Override Operator 1",
                  "product_id": "T035698",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:run_once_duration_override_operator_1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.16.1",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.16.1",
                  "product_id": "T035804"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.16.1",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.16.1",
                  "product_id": "T035804-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.16.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.12.63",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.12.63",
                  "product_id": "T036942"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.12.63",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.12.63",
                  "product_id": "T036942-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.12.63"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.15.28",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.15.28",
                  "product_id": "T036960"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.15.28",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.15.28",
                  "product_id": "T036960-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.15.28"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Virtualization \u003c4.15.5",
                "product": {
                  "name": "Red Hat OpenShift Virtualization \u003c4.15.5",
                  "product_id": "T037141"
                }
              },
              {
                "category": "product_version",
                "name": "Virtualization 4.15.5",
                "product": {
                  "name": "Red Hat OpenShift Virtualization 4.15.5",
                  "product_id": "T037141-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:virtualization__4.15.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.14.38",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.14.38",
                  "product_id": "T037940"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.14.38",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.14.38",
                  "product_id": "T037940-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.14.38"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "API for Data Protection 1",
                "product": {
                  "name": "Red Hat OpenShift API for Data Protection 1",
                  "product_id": "T039224",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:api_for_data_protection_1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.16.23",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.16.23",
                  "product_id": "T039272"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.16.23",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.16.23",
                  "product_id": "T039272-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.16.23"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.16.24",
                "product": {
                  "name": "Red Hat OpenShift \u003c4.16.24",
                  "product_id": "T039438"
                }
              },
              {
                "category": "product_version",
                "name": "4.16.24",
                "product": {
                  "name": "Red Hat OpenShift 4.16.24",
                  "product_id": "T039438-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:4.16.24"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.18.10",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.18.10",
                  "product_id": "T043077"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.18.10",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.18.10",
                  "product_id": "T043077-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.18.10"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenShift"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-25210",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2019-25210"
    },
    {
      "cve": "CVE-2023-29483",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2023-29483"
    },
    {
      "cve": "CVE-2023-45142",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2023-45142"
    },
    {
      "cve": "CVE-2023-45289",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2023-45289"
    },
    {
      "cve": "CVE-2023-45290",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2023-45290"
    },
    {
      "cve": "CVE-2023-47108",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2023-47108"
    },
    {
      "cve": "CVE-2023-48795",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-52425",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2024-0874",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-0874"
    },
    {
      "cve": "CVE-2024-1394",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-1394"
    },
    {
      "cve": "CVE-2024-22189",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-22189"
    },
    {
      "cve": "CVE-2024-2398",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-2398"
    },
    {
      "cve": "CVE-2024-24783",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-24783"
    },
    {
      "cve": "CVE-2024-24784",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-24784"
    },
    {
      "cve": "CVE-2024-24785",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-24785"
    },
    {
      "cve": "CVE-2024-24786",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-24786"
    },
    {
      "cve": "CVE-2024-28110",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-28110"
    },
    {
      "cve": "CVE-2024-28176",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-28176"
    },
    {
      "cve": "CVE-2024-28180",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-28180"
    },
    {
      "cve": "CVE-2024-28757",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-28757"
    },
    {
      "cve": "CVE-2024-28849",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-28849"
    },
    {
      "cve": "CVE-2024-29180",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-29180"
    },
    {
      "cve": "CVE-2024-3177",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-3177"
    },
    {
      "cve": "CVE-2024-3727",
      "product_status": {
        "known_affected": [
          "T033787",
          "T036942",
          "67646",
          "T035804",
          "T031834",
          "T036960",
          "T037940",
          "T039438",
          "T004914",
          "T035698",
          "T032255",
          "T035697",
          "74185",
          "T039224",
          "T037141",
          "T027916",
          "T002207",
          "T027759",
          "T033270",
          "T039272",
          "T027843",
          "398363",
          "T043077"
        ]
      },
      "release_date": "2024-06-27T22:00:00.000+00:00",
      "title": "CVE-2024-3727"
    }
  ]
}

CVE-2019-25210 (GCVE-0-2019-25210)

Vulnerability from cvelistv5 – Published: 2024-03-03 00:00 – Updated: 2024-09-04 17:38 Disputed

Summary

An issue was discovered in Cloud Native Computing Foundation (CNCF) Helm through 3.13.3. It displays values of secrets when the --dry-run flag is used. This is a security concern in some use cases, such as a --dry-run call by a CI/CD tool. NOTE: the vendor's position is that this behavior was introduced intentionally, and cannot be removed without breaking backwards compatibility (some users may be relying on these values). Also, it is not the Helm Project's responsibility if a user decides to use --dry-run within a CI/CD environment whose output is visible to unauthorized persons.

Severity

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE

Assigner

mitre

References

3 references

URL	Tags
https://github.com/helm/helm/issues/7275
https://www.cncf.io/projects/helm/
https://helm.sh/blog/response-cve-2019-25210/

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:00:19.379Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/helm/helm/issues/7275"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cncf.io/projects/helm/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://helm.sh/blog/response-cve-2019-25210/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:helm:helm:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "helm",
            "vendor": "helm",
            "versions": [
              {
                "lessThanOrEqual": "3.13.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2019-25210",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-19T19:38:47.344058Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-200",
                "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-04T17:38:48.040Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Cloud Native Computing Foundation (CNCF) Helm through 3.13.3. It displays values of secrets when the --dry-run flag is used. This is a security concern in some use cases, such as a --dry-run call by a CI/CD tool. NOTE: the vendor\u0027s position is that this behavior was introduced intentionally, and cannot be removed without breaking backwards compatibility (some users may be relying on these values). Also, it is not the Helm Project\u0027s responsibility if a user decides to use --dry-run within a CI/CD environment whose output is visible to unauthorized persons."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-15T00:20:10.533Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/helm/helm/issues/7275"
        },
        {
          "url": "https://www.cncf.io/projects/helm/"
        },
        {
          "url": "https://helm.sh/blog/response-cve-2019-25210/"
        }
      ],
      "tags": [
        "disputed"
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-25210",
    "datePublished": "2024-03-03T00:00:00.000Z",
    "dateReserved": "2024-03-03T00:00:00.000Z",
    "dateUpdated": "2024-09-04T17:38:48.040Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-29483 (GCVE-0-2023-29483)

Vulnerability from cvelistv5 – Published: 2024-04-11 00:00 – Updated: 2025-11-04 17:12

Summary

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1.

Severity

7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

CWE

Assigner

mitre

References

10 references

URL	Tags
https://www.dnspython.org/
https://github.com/rthalley/dnspython/releases/ta…
https://github.com/rthalley/dnspython/issues/1045
https://security.snyk.io/vuln/SNYK-PYTHON-DNSPYTH…
https://github.com/eventlet/eventlet/issues/913
https://github.com/eventlet/eventlet/releases/tag…
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://security.netapp.com/advisory/ntap-2024051…
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T17:12:31.047Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.dnspython.org/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/rthalley/dnspython/releases/tag/v2.6.0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/rthalley/dnspython/issues/1045"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/eventlet/eventlet/issues/913"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/eventlet/eventlet/releases/tag/v0.35.2"
          },
          {
            "name": "FEDORA-2024-930af3332f",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240510-0001/"
          },
          {
            "name": "FEDORA-2024-bbd76d7c63",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRKR57IFVKQC2GCXZBFLCLBAWBWL3F6/"
          },
          {
            "name": "FEDORA-2024-3b4c7849ab",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3BNSIK5NFYSAP53Y45GOCMOQHHDLGIF/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NLRKR57IFVKQC2GCXZBFLCLBAWBWL3F6/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:eventlet:eventlet:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "eventlet",
            "vendor": "eventlet",
            "versions": [
              {
                "lessThan": "0.35.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThan": "2.6.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-29483",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-11T17:34:51.471510Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-292",
                "description": "CWE-292 DEPRECATED: Trusting Self-reported DNS Name",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-27T18:43:46.973Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a \"TuDoor\" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-26T02:06:08.072Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.dnspython.org/"
        },
        {
          "url": "https://github.com/rthalley/dnspython/releases/tag/v2.6.0"
        },
        {
          "url": "https://github.com/rthalley/dnspython/issues/1045"
        },
        {
          "url": "https://security.snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713"
        },
        {
          "url": "https://github.com/eventlet/eventlet/issues/913"
        },
        {
          "url": "https://github.com/eventlet/eventlet/releases/tag/v0.35.2"
        },
        {
          "name": "FEDORA-2024-930af3332f",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOHJOO3OM65UIUUUVDEXMCTXNM6LXZEH/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240510-0001/"
        },
        {
          "name": "FEDORA-2024-bbd76d7c63",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NLRKR57IFVKQC2GCXZBFLCLBAWBWL3F6/"
        },
        {
          "name": "FEDORA-2024-3b4c7849ab",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X3BNSIK5NFYSAP53Y45GOCMOQHHDLGIF/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-29483",
    "datePublished": "2024-04-11T00:00:00.000Z",
    "dateReserved": "2023-04-07T00:00:00.000Z",
    "dateUpdated": "2025-11-04T17:12:31.047Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-45142 (GCVE-0-2023-45142)

Vulnerability from cvelistv5 – Published: 2023-10-12 16:33 – Updated: 2025-02-13 17:13

Title

OpenTelemetry-Go Contrib has DoS vulnerability in otelhttp due to unbound cardinality metrics

Summary

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels `http.user_agent` and `http.method` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP header User-Agent or HTTP method for requests can be easily set by an attacker to be random and long. The library internally uses `httpconv.ServerRequest` that records every value for HTTP `method` and `User-Agent`. In order to be affected, a program has to use the `otelhttp.NewHandler` wrapper and not filter any unknown HTTP methods or User agents on the level of CDN, LB, previous middleware, etc. Version 0.44.0 fixed this issue when the values collected for attribute `http.request.method` were changed to be restricted to a set of well-known values and other high cardinality attributes were removed. As a workaround to stop being affected, `otelhttp.WithFilter()` can be used, but it requires manual careful configuration to not log certain requests entirely. For convenience and safe usage of this library, it should by default mark with the label `unknown` non-standard HTTP methods and User agents to show that such requests were made but do not increase cardinality. In case someone wants to stay with the current behavior, library API should allow to enable it.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

GitHub_M

References

9 references

URL	Tags
https://github.com/open-telemetry/opentelemetry-g…	x_refsource_CONFIRM
https://github.com/open-telemetry/opentelemetry-g…	x_refsource_MISC
https://github.com/open-telemetry/opentelemetry-g…	x_refsource_MISC
https://github.com/advisories/GHSA-cg3q-j54f-5p7p	x_refsource_MISC
https://github.com/open-telemetry/opentelemetry-g…	x_refsource_MISC
https://github.com/open-telemetry/opentelemetry-g…	x_refsource_MISC
https://github.com/open-telemetry/opentelemetry-g…	x_refsource_MISC
https://github.com/open-telemetry/opentelemetry-g…	x_refsource_MISC
https://lists.fedoraproject.org/archives/list/pac…

Impacted products

1 product

Vendor	Product	Version
open-telemetry	opentelemetry-go-contrib	Affected: < 0.44.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:14:19.751Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr"
          },
          {
            "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-5r5m-65gx-7vrh",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-5r5m-65gx-7vrh"
          },
          {
            "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4277",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4277"
          },
          {
            "name": "https://github.com/advisories/GHSA-cg3q-j54f-5p7p",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/advisories/GHSA-cg3q-j54f-5p7p"
          },
          {
            "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/blob/5f7e6ad5a49b45df45f61a1deb29d7f1158032df/instrumentation/net/http/otelhttp/handler.go#L63-L65",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/blob/5f7e6ad5a49b45df45f61a1deb29d7f1158032df/instrumentation/net/http/otelhttp/handler.go#L63-L65"
          },
          {
            "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/releases/tag/v1.19.0",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/releases/tag/v1.19.0"
          },
          {
            "name": "https://github.com/open-telemetry/opentelemetry-go/blob/38e1b499c3da3107694ad2660b3888eee9c8b896/semconv/internal/v2/http.go#L223",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/open-telemetry/opentelemetry-go/blob/38e1b499c3da3107694ad2660b3888eee9c8b896/semconv/internal/v2/http.go#L223"
          },
          {
            "name": "https://github.com/open-telemetry/opentelemetry-go/blob/v1.12.0/semconv/internal/v2/http.go#L159",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/open-telemetry/opentelemetry-go/blob/v1.12.0/semconv/internal/v2/http.go#L159"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2UTRJ54INZG3OC2FTAN6AFB2RYNY2GAD/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "opentelemetry-go-contrib",
          "vendor": "open-telemetry",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.44.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels `http.user_agent` and `http.method` that have unbound cardinality. It leads to the server\u0027s potential memory exhaustion when many malicious requests are sent to it. HTTP header User-Agent or HTTP method for requests can be easily set by an attacker to be random and long. The library internally uses `httpconv.ServerRequest` that records every value for HTTP `method` and `User-Agent`. In order to be affected, a program has to use the `otelhttp.NewHandler` wrapper and not filter any unknown HTTP methods or User agents on the level of CDN, LB, previous middleware, etc. Version 0.44.0 fixed this issue when the values collected for attribute `http.request.method` were changed to be restricted to a set of well-known values and other high cardinality attributes were removed. As a workaround to stop being affected, `otelhttp.WithFilter()` can be used, but it requires manual careful configuration to not log certain requests entirely. For convenience and safe usage of this library, it should by default mark with the label `unknown` non-standard HTTP methods and User agents to show that such requests were made but do not increase cardinality. In case someone wants to stay with the current behavior, library API should allow to enable it."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-19T03:06:08.734Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr"
        },
        {
          "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-5r5m-65gx-7vrh",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-5r5m-65gx-7vrh"
        },
        {
          "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4277",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4277"
        },
        {
          "name": "https://github.com/advisories/GHSA-cg3q-j54f-5p7p",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/advisories/GHSA-cg3q-j54f-5p7p"
        },
        {
          "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/blob/5f7e6ad5a49b45df45f61a1deb29d7f1158032df/instrumentation/net/http/otelhttp/handler.go#L63-L65",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/blob/5f7e6ad5a49b45df45f61a1deb29d7f1158032df/instrumentation/net/http/otelhttp/handler.go#L63-L65"
        },
        {
          "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/releases/tag/v1.19.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/releases/tag/v1.19.0"
        },
        {
          "name": "https://github.com/open-telemetry/opentelemetry-go/blob/38e1b499c3da3107694ad2660b3888eee9c8b896/semconv/internal/v2/http.go#L223",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/open-telemetry/opentelemetry-go/blob/38e1b499c3da3107694ad2660b3888eee9c8b896/semconv/internal/v2/http.go#L223"
        },
        {
          "name": "https://github.com/open-telemetry/opentelemetry-go/blob/v1.12.0/semconv/internal/v2/http.go#L159",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/open-telemetry/opentelemetry-go/blob/v1.12.0/semconv/internal/v2/http.go#L159"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2UTRJ54INZG3OC2FTAN6AFB2RYNY2GAD/"
        }
      ],
      "source": {
        "advisory": "GHSA-rcjv-mgp8-qvmr",
        "discovery": "UNKNOWN"
      },
      "title": "OpenTelemetry-Go Contrib has DoS vulnerability in otelhttp due to unbound cardinality metrics"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-45142",
    "datePublished": "2023-10-12T16:33:21.435Z",
    "dateReserved": "2023-10-04T16:02:46.330Z",
    "dateUpdated": "2025-02-13T17:13:49.600Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-45289 (GCVE-0-2023-45289)

Vulnerability from cvelistv5 – Published: 2024-03-05 22:22 – Updated: 2025-02-13 17:14

Title

Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

Summary

When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.

Severity

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer

Assigner

References

6 references

URL	Tags
https://go.dev/issue/65065
https://go.dev/cl/569340
https://groups.google.com/g/golang-announce/c/5pw…
https://pkg.go.dev/vuln/GO-2024-2600
https://security.netapp.com/advisory/ntap-2024032…
http://www.openwall.com/lists/oss-security/2024/03/08/4

Impacted products

2 products

Vendor	Product	Version
Go standard library	net/http	Affected: 0 , < 1.21.8 (semver) Affected: 1.22.0-0 , < 1.22.1 (semver)
Go standard library	net/http/cookiejar	Affected: 0 , < 1.21.8 (semver) Affected: 1.22.0-0 , < 1.22.1 (semver)

Credits

Juho Nurminen of Mattermost

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 4.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-45289",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-06T16:34:47.460894Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-04T18:24:28.343Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:21:15.333Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/issue/65065"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/cl/569340"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://pkg.go.dev/vuln/GO-2024-2600"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240329-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "net/http",
          "product": "net/http",
          "programRoutines": [
            {
              "name": "isDomainOrSubdomain"
            },
            {
              "name": "Client.Do"
            },
            {
              "name": "Client.Get"
            },
            {
              "name": "Client.Head"
            },
            {
              "name": "Client.Post"
            },
            {
              "name": "Client.PostForm"
            },
            {
              "name": "Get"
            },
            {
              "name": "Head"
            },
            {
              "name": "Post"
            },
            {
              "name": "PostForm"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.21.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.22.1",
              "status": "affected",
              "version": "1.22.0-0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "net/http/cookiejar",
          "product": "net/http/cookiejar",
          "programRoutines": [
            {
              "name": "isIP"
            },
            {
              "name": "Jar.Cookies"
            },
            {
              "name": "Jar.SetCookies"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.21.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.22.1",
              "status": "affected",
              "version": "1.22.0-0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Juho Nurminen of Mattermost"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-01T17:09:39.339Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/issue/65065"
        },
        {
          "url": "https://go.dev/cl/569340"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2024-2600"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240329-0006/"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
        }
      ],
      "title": "Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2023-45289",
    "datePublished": "2024-03-05T22:22:30.306Z",
    "dateReserved": "2023-10-06T17:06:26.221Z",
    "dateUpdated": "2025-02-13T17:14:01.755Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-45290 (GCVE-0-2023-45290)

Vulnerability from cvelistv5 – Published: 2024-03-05 22:22 – Updated: 2025-02-13 17:14

Title

Memory exhaustion in multipart form parsing in net/textproto and net/http

Summary

When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.

Severity

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

References

6 references

URL	Tags
https://go.dev/issue/65383
https://go.dev/cl/569341
https://groups.google.com/g/golang-announce/c/5pw…
https://pkg.go.dev/vuln/GO-2024-2599
https://security.netapp.com/advisory/ntap-2024032…
http://www.openwall.com/lists/oss-security/2024/03/08/4

Impacted products

1 product

Vendor	Product	Version
Go standard library	net/textproto	Affected: 0 , < 1.21.8 (semver) Affected: 1.22.0-0 , < 1.22.1 (semver)

Credits

Bartek Nowotarski

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-45290",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-06T15:04:15.773941Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T11:07:13.798Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T20:21:15.331Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/issue/65383"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/cl/569341"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://pkg.go.dev/vuln/GO-2024-2599"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240329-0004/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "net/textproto",
          "product": "net/textproto",
          "programRoutines": [
            {
              "name": "Reader.readLineSlice"
            },
            {
              "name": "Reader.readContinuedLineSlice"
            },
            {
              "name": "Reader.ReadCodeLine"
            },
            {
              "name": "Reader.ReadContinuedLine"
            },
            {
              "name": "Reader.ReadContinuedLineBytes"
            },
            {
              "name": "Reader.ReadDotLines"
            },
            {
              "name": "Reader.ReadLine"
            },
            {
              "name": "Reader.ReadLineBytes"
            },
            {
              "name": "Reader.ReadMIMEHeader"
            },
            {
              "name": "Reader.ReadResponse"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.21.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.22.1",
              "status": "affected",
              "version": "1.22.0-0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Bartek Nowotarski"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-01T17:09:46.260Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/issue/65383"
        },
        {
          "url": "https://go.dev/cl/569341"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2024-2599"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240329-0004/"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
        }
      ],
      "title": "Memory exhaustion in multipart form parsing in net/textproto and net/http"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2023-45290",
    "datePublished": "2024-03-05T22:22:28.703Z",
    "dateReserved": "2023-10-06T17:06:26.221Z",
    "dateUpdated": "2025-02-13T17:14:02.493Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-47108 (GCVE-0-2023-47108)

Vulnerability from cvelistv5 – Published: 2023-11-10 18:31 – Updated: 2025-10-28 18:22

Title

DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics

Summary

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent. An attacker can easily flood the peer address and port for requests. Version 0.46.0 contains a fix for this issue. As a workaround to stop being affected, a view removing the attributes can be used. The other possibility is to disable grpc metrics instrumentation by passing `otelgrpc.WithMeterProvider` option with `noop.NewMeterProvider`.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-770 - Allocation of Resources Without Limits or Throttling

Assigner

GitHub_M

References

7 references

URL	Tags
https://github.com/open-telemetry/opentelemetry-g…	x_refsource_CONFIRM
https://github.com/open-telemetry/opentelemetry-g…	x_refsource_MISC
https://github.com/open-telemetry/opentelemetry-g…	x_refsource_MISC
https://github.com/open-telemetry/opentelemetry-g…	x_refsource_MISC
https://github.com/open-telemetry/opentelemetry-g…	x_refsource_MISC
https://github.com/open-telemetry/opentelemetry-g…	x_refsource_MISC
https://pkg.go.dev/go.opentelemetry.io/otel/metri…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
open-telemetry	opentelemetry-go-contrib	Affected: >= 0.37.0, < 0.46.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:01:22.674Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-8pgv-569h-w5rw",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-8pgv-569h-w5rw"
          },
          {
            "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4322",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4322"
          },
          {
            "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/commit/b44dfc9092b157625a5815cb437583cee663333b",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/commit/b44dfc9092b157625a5815cb437583cee663333b"
          },
          {
            "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/blob/9d4eb7e7706038b07d33f83f76afbe13f53d171d/instrumentation/google.golang.org/grpc/otelgrpc/interceptor.go#L327",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/blob/9d4eb7e7706038b07d33f83f76afbe13f53d171d/instrumentation/google.golang.org/grpc/otelgrpc/interceptor.go#L327"
          },
          {
            "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/blob/instrumentation/google.golang.org/grpc/otelgrpc/v0.45.0/instrumentation/google.golang.org/grpc/otelgrpc/config.go#L138",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/blob/instrumentation/google.golang.org/grpc/otelgrpc/v0.45.0/instrumentation/google.golang.org/grpc/otelgrpc/config.go#L138"
          },
          {
            "name": "https://pkg.go.dev/go.opentelemetry.io/otel/metric/noop#NewMeterProvider",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://pkg.go.dev/go.opentelemetry.io/otel/metric/noop#NewMeterProvider"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-47108",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-03T17:26:16.403179Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-03T17:26:56.850Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "opentelemetry-go-contrib",
          "vendor": "open-telemetry",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 0.37.0, \u003c 0.46.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality. It leads to the server\u0027s potential memory exhaustion when many malicious requests are sent. An attacker can easily flood the peer address and port for requests. Version 0.46.0 contains a fix for this issue. As a workaround to stop being affected, a view removing the attributes can be used. The other possibility is to disable grpc metrics instrumentation by passing `otelgrpc.WithMeterProvider` option with `noop.NewMeterProvider`."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-28T18:22:47.393Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-8pgv-569h-w5rw",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-8pgv-569h-w5rw"
        },
        {
          "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4322",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4322"
        },
        {
          "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/commit/04c5dcbb5b35f14b4e6793b245919c72addbc7d0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/commit/04c5dcbb5b35f14b4e6793b245919c72addbc7d0"
        },
        {
          "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/commit/b44dfc9092b157625a5815cb437583cee663333b",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/commit/b44dfc9092b157625a5815cb437583cee663333b"
        },
        {
          "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/blob/9d4eb7e7706038b07d33f83f76afbe13f53d171d/instrumentation/google.golang.org/grpc/otelgrpc/interceptor.go#L327",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/blob/9d4eb7e7706038b07d33f83f76afbe13f53d171d/instrumentation/google.golang.org/grpc/otelgrpc/interceptor.go#L327"
        },
        {
          "name": "https://github.com/open-telemetry/opentelemetry-go-contrib/blob/instrumentation/google.golang.org/grpc/otelgrpc/v0.45.0/instrumentation/google.golang.org/grpc/otelgrpc/config.go#L138",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/open-telemetry/opentelemetry-go-contrib/blob/instrumentation/google.golang.org/grpc/otelgrpc/v0.45.0/instrumentation/google.golang.org/grpc/otelgrpc/config.go#L138"
        },
        {
          "name": "https://pkg.go.dev/go.opentelemetry.io/otel/metric/noop#NewMeterProvider",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://pkg.go.dev/go.opentelemetry.io/otel/metric/noop#NewMeterProvider"
        }
      ],
      "source": {
        "advisory": "GHSA-8pgv-569h-w5rw",
        "discovery": "UNKNOWN"
      },
      "title": "DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-47108",
    "datePublished": "2023-11-10T18:31:33.730Z",
    "dateReserved": "2023-10-30T19:57:51.673Z",
    "dateUpdated": "2025-10-28T18:22:47.393Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-48795 (GCVE-0-2023-48795)

Vulnerability from cvelistv5 – Published: 2023-12-18 00:00 – Updated: 2026-05-12 11:02

Summary

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

Severity

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE

Assigner

mitre

References

118 references

URL	Tags
https://www.chiark.greenend.org.uk/~sgtatham/putt…
https://matt.ucc.asn.au/dropbear/CHANGES
https://github.com/proftpd/proftpd/blob/master/RE…
https://www.netsarang.com/en/xshell-update-history/
https://www.paramiko.org/changelog.html
https://www.openssh.com/openbsd.html
https://github.com/openssh/openssh-portable/commi…
https://groups.google.com/g/golang-announce/c/-n5…
https://www.bitvise.com/ssh-server-version-history
https://github.com/ronf/asyncssh/tags
https://gitlab.com/libssh/libssh-mirror/-/tags
https://www.reddit.com/r/sysadmin/comments/18idv5…
https://github.com/erlang/otp/blob/d1b43dc0f1361d…
https://www.openssh.com/txt/release-9.6
https://jadaptive.com/important-java-ssh-security…
https://www.terrapin-attack.com
https://github.com/mkj/dropbear/blob/17657c36cce6…
https://github.com/ronf/asyncssh/blob/develop/doc…
https://thorntech.com/cve-2023-48795-and-sftp-gateway/
https://github.com/warp-tech/russh/releases/tag/v0.40.2
https://github.com/TeraTermProject/teraterm/commi…
https://www.openwall.com/lists/oss-security/2023/…
https://twitter.com/TrueSkrillor/status/173677438…
https://github.com/golang/crypto/commit/9d2ee975e…
https://github.com/paramiko/paramiko/issues/2337
https://groups.google.com/g/golang-announce/c/qA3…
https://news.ycombinator.com/item?id=38684904
https://news.ycombinator.com/item?id=38685286
http://www.openwall.com/lists/oss-security/2023/12/18/3	mailing-list
https://github.com/mwiede/jsch/issues/457
https://git.libssh.org/projects/libssh.git/commit…
https://github.com/erlang/otp/releases/tag/OTP-26.2.1
https://github.com/advisories/GHSA-45x7-px36-x8w8
https://security-tracker.debian.org/tracker/sourc…
https://security-tracker.debian.org/tracker/sourc…
https://security-tracker.debian.org/tracker/CVE-2…
https://bugzilla.suse.com/show_bug.cgi?id=1217950
https://bugzilla.redhat.com/show_bug.cgi?id=2254210
https://bugs.gentoo.org/920280
https://ubuntu.com/security/CVE-2023-48795
https://www.suse.com/c/suse-addresses-the-ssh-v2-…
https://access.redhat.com/security/cve/cve-2023-48795
https://github.com/mwiede/jsch/pull/461
https://github.com/drakkan/sftpgo/releases/tag/v2.5.6
https://github.com/libssh2/libssh2/pull/1291
https://forum.netgate.com/topic/184941/terrapin-s…
https://github.com/jtesta/ssh-audit/commit/8e972c…
https://github.com/rapier1/hpn-ssh/releases
https://github.com/proftpd/proftpd/issues/456
https://github.com/TeraTermProject/teraterm/relea…
https://github.com/mwiede/jsch/compare/jsch-0.2.1…
https://oryx-embedded.com/download/#changelog
https://www.crushftp.com/crush10wiki/Wiki.jsp?pag…
https://github.com/connectbot/sshlib/compare/2.2.…
https://github.com/connectbot/sshlib/commit/5c8b5…
https://github.com/mscdex/ssh2/commit/97b223f8891…
https://nest.pijul.com/pijul/thrussh/changes/D6H7…
https://crates.io/crates/thrussh/versions
https://github.com/NixOS/nixpkgs/pull/275249
http://www.openwall.com/lists/oss-security/2023/12/19/5	mailing-list
https://www.freebsd.org/security/advisories/FreeB…
https://arstechnica.com/security/2023/12/hackers-…
http://www.openwall.com/lists/oss-security/2023/12/20/3	mailing-list
http://packetstormsecurity.com/files/176280/Terra…
https://github.com/proftpd/proftpd/blob/d21e7a2e4…
https://github.com/proftpd/proftpd/blob/0a7ea9b0b…
https://github.com/apache/mina-sshd/issues/445
https://github.com/hierynomus/sshj/issues/916
https://github.com/janmojzis/tinyssh/issues/81
https://www.openwall.com/lists/oss-security/2023/…
https://security-tracker.debian.org/tracker/sourc…
https://github.com/net-ssh/net-ssh/blob/2e65064a5…
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://www.debian.org/security/2023/dsa-5586	vendor-advisory
https://www.lancom-systems.de/service-support/all…
https://www.theregister.com/2023/12/20/terrapin_a…
https://filezilla-project.org/versions.php
https://nova.app/releases/#v11.8
https://roumenpetrov.info/secsh/#news20231220
https://www.vandyke.com/products/securecrt/history.txt
https://help.panic.com/releasenotes/transmit5/
https://github.com/PowerShell/Win32-OpenSSH/relea…
https://github.com/PowerShell/Win32-OpenSSH/issues/2189
https://winscp.net/eng/docs/history#6.2.2
https://www.bitvise.com/ssh-client-version-history#933
https://github.com/cyd01/KiTTY/issues/520
https://www.debian.org/security/2023/dsa-5588	vendor-advisory
https://github.com/ssh-mitm/ssh-mitm/issues/165
https://news.ycombinator.com/item?id=38732005
https://lists.debian.org/debian-lts-announce/2023…	mailing-list
https://security.gentoo.org/glsa/202312-16	vendor-advisory
https://security.gentoo.org/glsa/202312-17	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://security.netapp.com/advisory/ntap-2024010…
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://psirt.global.sonicwall.com/vuln-detail/SN…
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.debian.org/debian-lts-announce/2024…	mailing-list
https://lists.debian.org/debian-lts-announce/2024…	mailing-list
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://support.apple.com/kb/HT214084
http://seclists.org/fulldisclosure/2024/Mar/21	mailing-list
https://lists.debian.org/debian-lts-announce/2024…	mailing-list
http://www.openwall.com/lists/oss-security/2024/04/17/8	mailing-list
http://www.openwall.com/lists/oss-security/2024/03/06/3	mailing-list

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T22:05:21.417Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://matt.ucc.asn.au/dropbear/CHANGES"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.netsarang.com/en/xshell-update-history/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.paramiko.org/changelog.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssh.com/openbsd.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/openssh/openssh-portable/commits/master"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.bitvise.com/ssh-server-version-history"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ronf/asyncssh/tags"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gitlab.com/libssh/libssh-mirror/-/tags"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssh.com/txt/release-9.6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.terrapin-attack.com"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://twitter.com/TrueSkrillor/status/1736774389725565005"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/paramiko/paramiko/issues/2337"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=38684904"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=38685286"
          },
          {
            "name": "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/12/18/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/mwiede/jsch/issues/457"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/advisories/GHSA-45x7-px36-x8w8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/source-package/libssh2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2023-48795"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugs.gentoo.org/920280"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/CVE-2023-48795"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/cve-2023-48795"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/mwiede/jsch/pull/461"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/libssh2/libssh2/pull/1291"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/rapier1/hpn-ssh/releases"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/proftpd/proftpd/issues/456"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://oryx-embedded.com/download/#changelog"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://crates.io/crates/thrussh/versions"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/NixOS/nixpkgs/pull/275249"
          },
          {
            "name": "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/12/19/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/"
          },
          {
            "name": "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/12/20/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/apache/mina-sshd/issues/445"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/hierynomus/sshj/issues/916"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/janmojzis/tinyssh/issues/81"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/12/20/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16"
          },
          {
            "name": "FEDORA-2023-0733306be9",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"
          },
          {
            "name": "DSA-5586",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5586"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://filezilla-project.org/versions.php"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://nova.app/releases/#v11.8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://roumenpetrov.info/secsh/#news20231220"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.vandyke.com/products/securecrt/history.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://help.panic.com/releasenotes/transmit5/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://winscp.net/eng/docs/history#6.2.2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.bitvise.com/ssh-client-version-history#933"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/cyd01/KiTTY/issues/520"
          },
          {
            "name": "DSA-5588",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5588"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/ssh-mitm/ssh-mitm/issues/165"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=38732005"
          },
          {
            "name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
          },
          {
            "name": "GLSA-202312-16",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202312-16"
          },
          {
            "name": "GLSA-202312-17",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202312-17"
          },
          {
            "name": "FEDORA-2023-20feb865d8",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"
          },
          {
            "name": "FEDORA-2023-cb8c606fbb",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/"
          },
          {
            "name": "FEDORA-2023-e77300e4b5",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"
          },
          {
            "name": "FEDORA-2023-b87ec6cf47",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/"
          },
          {
            "name": "FEDORA-2023-153404713b",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240105-0004/"
          },
          {
            "name": "FEDORA-2024-3bb23c77f3",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/"
          },
          {
            "name": "FEDORA-2023-55800423a8",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
          },
          {
            "name": "FEDORA-2024-d946b9ad25",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"
          },
          {
            "name": "FEDORA-2024-71c2c6526c",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/"
          },
          {
            "name": "FEDORA-2024-39a8c72ea9",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002"
          },
          {
            "name": "FEDORA-2024-ae653fb07b",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
          },
          {
            "name": "FEDORA-2024-2705241461",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"
          },
          {
            "name": "FEDORA-2024-fb32950d11",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
          },
          {
            "name": "FEDORA-2024-7b08207cdb",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"
          },
          {
            "name": "FEDORA-2024-06ebb70bdd",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"
          },
          {
            "name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html"
          },
          {
            "name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html"
          },
          {
            "name": "FEDORA-2024-a53b24023d",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"
          },
          {
            "name": "FEDORA-2024-3fd1bc9276",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214084"
          },
          {
            "name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Mar/21"
          },
          {
            "name": "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html"
          },
          {
            "name": "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/17/8"
          },
          {
            "name": "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/06/3"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 5.9,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-48795",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-12-22T05:01:05.519910Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-354",
                "description": "CWE-354 Improper Validation of Integrity Check Value",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-27T20:45:57.733Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "affected": [
          {
            "defaultStatus": "unknown",
            "product": "RUGGEDCOM APE1808",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          },
          {
            "defaultStatus": "unknown",
            "product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
            "vendor": "Siemens",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "V3.1.5",
                "versionType": "custom"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-12T11:02:25.905Z",
          "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
          "shortName": "siemens-SADP"
        },
        "references": [
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-794697.html"
          },
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-364175.html"
          },
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-915275.html"
          },
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-769027.html"
          },
          {
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
          }
        ],
        "x_adpType": "supplier"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-01T18:06:23.972Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
        },
        {
          "url": "https://matt.ucc.asn.au/dropbear/CHANGES"
        },
        {
          "url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES"
        },
        {
          "url": "https://www.netsarang.com/en/xshell-update-history/"
        },
        {
          "url": "https://www.paramiko.org/changelog.html"
        },
        {
          "url": "https://www.openssh.com/openbsd.html"
        },
        {
          "url": "https://github.com/openssh/openssh-portable/commits/master"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ"
        },
        {
          "url": "https://www.bitvise.com/ssh-server-version-history"
        },
        {
          "url": "https://github.com/ronf/asyncssh/tags"
        },
        {
          "url": "https://gitlab.com/libssh/libssh-mirror/-/tags"
        },
        {
          "url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/"
        },
        {
          "url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42"
        },
        {
          "url": "https://www.openssh.com/txt/release-9.6"
        },
        {
          "url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/"
        },
        {
          "url": "https://www.terrapin-attack.com"
        },
        {
          "url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25"
        },
        {
          "url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"
        },
        {
          "url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/"
        },
        {
          "url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2"
        },
        {
          "url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2"
        },
        {
          "url": "https://twitter.com/TrueSkrillor/status/1736774389725565005"
        },
        {
          "url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"
        },
        {
          "url": "https://github.com/paramiko/paramiko/issues/2337"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg"
        },
        {
          "url": "https://news.ycombinator.com/item?id=38684904"
        },
        {
          "url": "https://news.ycombinator.com/item?id=38685286"
        },
        {
          "name": "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/12/18/3"
        },
        {
          "url": "https://github.com/mwiede/jsch/issues/457"
        },
        {
          "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6"
        },
        {
          "url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1"
        },
        {
          "url": "https://github.com/advisories/GHSA-45x7-px36-x8w8"
        },
        {
          "url": "https://security-tracker.debian.org/tracker/source-package/libssh2"
        },
        {
          "url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg"
        },
        {
          "url": "https://security-tracker.debian.org/tracker/CVE-2023-48795"
        },
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
        },
        {
          "url": "https://bugs.gentoo.org/920280"
        },
        {
          "url": "https://ubuntu.com/security/CVE-2023-48795"
        },
        {
          "url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/"
        },
        {
          "url": "https://access.redhat.com/security/cve/cve-2023-48795"
        },
        {
          "url": "https://github.com/mwiede/jsch/pull/461"
        },
        {
          "url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6"
        },
        {
          "url": "https://github.com/libssh2/libssh2/pull/1291"
        },
        {
          "url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack"
        },
        {
          "url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5"
        },
        {
          "url": "https://github.com/rapier1/hpn-ssh/releases"
        },
        {
          "url": "https://github.com/proftpd/proftpd/issues/456"
        },
        {
          "url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1"
        },
        {
          "url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15"
        },
        {
          "url": "https://oryx-embedded.com/download/#changelog"
        },
        {
          "url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update"
        },
        {
          "url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22"
        },
        {
          "url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab"
        },
        {
          "url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3"
        },
        {
          "url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC"
        },
        {
          "url": "https://crates.io/crates/thrussh/versions"
        },
        {
          "url": "https://github.com/NixOS/nixpkgs/pull/275249"
        },
        {
          "name": "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/12/19/5"
        },
        {
          "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc"
        },
        {
          "url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/"
        },
        {
          "name": "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2023/12/20/3"
        },
        {
          "url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"
        },
        {
          "url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES"
        },
        {
          "url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES"
        },
        {
          "url": "https://github.com/apache/mina-sshd/issues/445"
        },
        {
          "url": "https://github.com/hierynomus/sshj/issues/916"
        },
        {
          "url": "https://github.com/janmojzis/tinyssh/issues/81"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2023/12/20/3"
        },
        {
          "url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2"
        },
        {
          "url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16"
        },
        {
          "name": "FEDORA-2023-0733306be9",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"
        },
        {
          "name": "DSA-5586",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5586"
        },
        {
          "url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508"
        },
        {
          "url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh"
        },
        {
          "url": "https://filezilla-project.org/versions.php"
        },
        {
          "url": "https://nova.app/releases/#v11.8"
        },
        {
          "url": "https://roumenpetrov.info/secsh/#news20231220"
        },
        {
          "url": "https://www.vandyke.com/products/securecrt/history.txt"
        },
        {
          "url": "https://help.panic.com/releasenotes/transmit5/"
        },
        {
          "url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta"
        },
        {
          "url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189"
        },
        {
          "url": "https://winscp.net/eng/docs/history#6.2.2"
        },
        {
          "url": "https://www.bitvise.com/ssh-client-version-history#933"
        },
        {
          "url": "https://github.com/cyd01/KiTTY/issues/520"
        },
        {
          "name": "DSA-5588",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5588"
        },
        {
          "url": "https://github.com/ssh-mitm/ssh-mitm/issues/165"
        },
        {
          "url": "https://news.ycombinator.com/item?id=38732005"
        },
        {
          "name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
        },
        {
          "name": "GLSA-202312-16",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202312-16"
        },
        {
          "name": "GLSA-202312-17",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202312-17"
        },
        {
          "name": "FEDORA-2023-20feb865d8",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"
        },
        {
          "name": "FEDORA-2023-cb8c606fbb",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/"
        },
        {
          "name": "FEDORA-2023-e77300e4b5",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"
        },
        {
          "name": "FEDORA-2023-b87ec6cf47",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/"
        },
        {
          "name": "FEDORA-2023-153404713b",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240105-0004/"
        },
        {
          "name": "FEDORA-2024-3bb23c77f3",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/"
        },
        {
          "name": "FEDORA-2023-55800423a8",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
        },
        {
          "name": "FEDORA-2024-d946b9ad25",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"
        },
        {
          "name": "FEDORA-2024-71c2c6526c",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/"
        },
        {
          "name": "FEDORA-2024-39a8c72ea9",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"
        },
        {
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002"
        },
        {
          "name": "FEDORA-2024-ae653fb07b",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
        },
        {
          "name": "FEDORA-2024-2705241461",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"
        },
        {
          "name": "FEDORA-2024-fb32950d11",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
        },
        {
          "name": "FEDORA-2024-7b08207cdb",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"
        },
        {
          "name": "FEDORA-2024-06ebb70bdd",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"
        },
        {
          "name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html"
        },
        {
          "name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html"
        },
        {
          "name": "FEDORA-2024-a53b24023d",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"
        },
        {
          "name": "FEDORA-2024-3fd1bc9276",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"
        },
        {
          "url": "https://support.apple.com/kb/HT214084"
        },
        {
          "name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2024/Mar/21"
        },
        {
          "name": "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html"
        },
        {
          "name": "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/04/17/8"
        },
        {
          "name": "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/03/06/3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-48795",
    "datePublished": "2023-12-18T00:00:00.000Z",
    "dateReserved": "2023-11-20T00:00:00.000Z",
    "dateUpdated": "2026-05-12T11:02:25.905Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-52425 (GCVE-0-2023-52425)

Vulnerability from cvelistv5 – Published: 2024-02-04 00:00 – Updated: 2025-11-04 18:21

Summary

libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Assigner

mitre

References

6 references

URL	Tags
https://github.com/libexpat/libexpat/pull/789
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
https://lists.debian.org/debian-lts-announce/2024…	mailing-list
http://www.openwall.com/lists/oss-security/2024/03/20/5	mailing-list
https://security.netapp.com/advisory/ntap-2024061…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T18:21:45.774Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/libexpat/libexpat/pull/789"
          },
          {
            "name": "FEDORA-2024-fbe1f0c1aa",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/"
          },
          {
            "name": "FEDORA-2024-b8656bc059",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/"
          },
          {
            "name": "[debian-lts-announce] 20240409 [SECURITY] [DLA 3783-1] expat security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html"
          },
          {
            "name": "[oss-security] 20240320 Security fixes in Python 3.10.14, 3.9.19, and 3.8.19 (CVE-2023-6597 \u0026 CVE-2024-0450)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/20/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240614-0003/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "libexpat",
            "vendor": "libexpat_project",
            "versions": [
              {
                "lessThanOrEqual": "2.5.0",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52425",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-26T19:20:56.852251Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-26T19:22:48.969Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-14T13:06:11.482Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/libexpat/libexpat/pull/789"
        },
        {
          "name": "FEDORA-2024-fbe1f0c1aa",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/"
        },
        {
          "name": "FEDORA-2024-b8656bc059",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/"
        },
        {
          "name": "[debian-lts-announce] 20240409 [SECURITY] [DLA 3783-1] expat security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html"
        },
        {
          "name": "[oss-security] 20240320 Security fixes in Python 3.10.14, 3.9.19, and 3.8.19 (CVE-2023-6597 \u0026 CVE-2024-0450)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/03/20/5"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240614-0003/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-52425",
    "datePublished": "2024-02-04T00:00:00.000Z",
    "dateReserved": "2024-02-04T00:00:00.000Z",
    "dateUpdated": "2025-11-04T18:21:45.774Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-0874 (GCVE-0-2024-0874)

Vulnerability from cvelistv5 – Published: 2024-04-25 16:22 – Updated: 2026-04-18 17:41

Title

Coredns: cd bit response is cached and served later

Summary

A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE

CWE-524 - Use of Cache Containing Sensitive Information

Assigner

redhat

References

8 references

URL	Tags
https://access.redhat.com/errata/RHSA-2024:0041	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4850	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6009	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6406	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-0874	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2219234	issue-trackingx_refsource_REDHAT
https://github.com/coredns/coredns/issues/6186
https://github.com/coredns/coredns/pull/6354

Impacted products

7 products

Vendor	Product	Version
		Affected: 0 , < 1.11.2 (semver)
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: v4.13.0-202408260940.p0.ge70f097.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.13::el9 cpe:/a:redhat:openshift:4.13::el8
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: v4.14.0-202408260910.p0.gfdd6037.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el9 cpe:/a:redhat:openshift:4.14::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: v4.15.0-202407230407.p0.g1326282.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el8 cpe:/a:redhat:openshift:4.15::el9
Red Hat	Red Hat OpenShift Container Platform 4.16	Unaffected: v4.16.0-202406131906.p0.g04d84f7.assembly.stream.el9 , < * (rpm) cpe:/a:redhat:openshift:4.16::el9
Red Hat	Logging Subsystem for Red Hat OpenShift	cpe:/a:redhat:logging:5
Red Hat	Red Hat Advanced Cluster Management for Kubernetes 2	cpe:/a:redhat:acm:2

Date Public

2023-07-03 00:00

Credits

This issue was discovered by Petr Mensik (Red Hat).

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0874",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-13T20:18:31.995445Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-13T20:18:37.906Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:18:18.998Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:0041",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0041"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-0874"
          },
          {
            "name": "RHBZ#2219234",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219234"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/coredns/coredns/issues/6186"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/coredns/coredns/pull/6354"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/coredns/coredns",
          "defaultStatus": "unaffected",
          "packageName": "coredns",
          "versions": [
            {
              "lessThan": "1.11.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-coredns",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.13.0-202408260940.p0.ge70f097.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-coredns",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.14.0-202408260910.p0.gfdd6037.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el8",
            "cpe:/a:redhat:openshift:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-coredns-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202407230407.p0.g1326282.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-coredns-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-202406131906.p0.g04d84f7.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:logging:5"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift-logging/logging-loki-rhel8",
          "product": "Logging Subsystem for Red Hat OpenShift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/lighthouse-agent-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Petr Mensik (Red Hat)."
        }
      ],
      "datePublic": "2023-07-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-524",
              "description": "Use of Cache Containing Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-18T17:41:22.594Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:0041",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0041"
        },
        {
          "name": "RHSA-2024:4850",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4850"
        },
        {
          "name": "RHSA-2024:6009",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6009"
        },
        {
          "name": "RHSA-2024:6406",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6406"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-0874"
        },
        {
          "name": "RHBZ#2219234",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219234"
        },
        {
          "url": "https://github.com/coredns/coredns/issues/6186"
        },
        {
          "url": "https://github.com/coredns/coredns/pull/6354"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-07-03T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-07-03T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Coredns: cd bit response is cached and served later",
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-524: Use of Cache Containing Sensitive Information"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-0874",
    "datePublished": "2024-04-25T16:22:44.182Z",
    "dateReserved": "2024-01-24T23:42:08.424Z",
    "dateUpdated": "2026-04-18T17:41:22.594Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-1394 (GCVE-0-2024-1394)

Vulnerability from cvelistv5 – Published: 2024-03-21 12:16 – Updated: 2026-04-23 01:32

Title

Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads

Summary

A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and ctx. That function uses named return parameters to free pkey and ctx if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fail(...)" pattern, meaning that pkey and ctx will be nil inside the deferred function that should free them.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-401 - Missing Release of Memory after Effective Lifetime

Assigner

redhat

References

46 references

URL	Tags
https://access.redhat.com/errata/RHSA-2024:1462	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1468	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1472	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1501	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1502	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1561	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1563	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1566	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1567	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1574	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1640	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1644	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1646	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1763	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1897	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2562	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2568	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2569	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2729	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2730	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2767	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3265	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3352	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4146	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4371	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4378	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4379	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4502	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4581	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4591	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4672	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4699	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4761	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4762	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4960	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:5258	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:5634	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7262	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7118	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-1394	vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2262921	issue-trackingx_refsource_REDHAT
https://github.com/golang-fips/openssl/commit/85d…
https://github.com/golang-fips/openssl/security/a…
https://github.com/microsoft/go-crypto-openssl/co…
https://pkg.go.dev/vuln/GO-2024-2660
https://vuln.go.dev/ID/GO-2024-2660.json

Impacted products

149 products

Vendor	Product	Version
Red Hat	Red Hat Ansible Automation Platform 2.4 for RHEL 8	Unaffected: 0:1.4.5-1.el8ap , < * (rpm) cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8 cpe:/a:redhat:ansible_automation_platform:2.4::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
Red Hat	Red Hat Ansible Automation Platform 2.4 for RHEL 9	Unaffected: 0:1.4.5-1.el9ap , < * (rpm) cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8 cpe:/a:redhat:ansible_automation_platform:2.4::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
Red Hat	Red Hat Developer Tools	Unaffected: 0:1.19.13-6.el7_9 , < * (rpm) cpe:/a:redhat:devtools:2023::el7
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020240313170136.26eb71ac , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:5.1.1-2.el8_9 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:9.2.10-8.el8_9 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:9.2.10-16.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8100020240808093819.afee755d , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:101-2.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.20.12-2.el9_3 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:9.2.10-8.el9_3 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:5.1.1-2.el9_3 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.21.9-2.el9_4 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:9.2.10-16.el9_4 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:5.1.1-2.el9_4 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 2:1.33.7-3.el9_4 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 4:4.9.4-5.el9_4 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 6:0.7.3-4.el9_4 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 2:1.14.3-3.el9_4 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 1:1.4.0-4.el9_4 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 4:1.1.12-3.el9_4 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:132-1.el9 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 2:4.2.0-4.el9_0 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 1:1.0.1-6.el9_0 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:1.19.13-7.el9_2 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 2:4.4.1-20.el9_2 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat OpenShift Container Platform 4.12	Unaffected: 1:1.23.4-5.2.rhaos4.12.el8 , < * (rpm) cpe:/a:redhat:openshift:4.12::el9 cpe:/a:redhat:openshift:4.12::el8
Red Hat	Red Hat OpenShift Container Platform 4.12	Unaffected: 0:0.16.0-2.2.rhaos4.12.el8 , < * (rpm) cpe:/a:redhat:openshift:4.12::el9 cpe:/a:redhat:openshift:4.12::el8
Red Hat	Red Hat OpenShift Container Platform 4.12	Unaffected: 1:1.4.0-1.1.rhaos4.12.el8 , < * (rpm) cpe:/a:redhat:openshift:4.12::el9 cpe:/a:redhat:openshift:4.12::el8
Red Hat	Red Hat OpenShift Container Platform 4.12	Unaffected: 0:1.25.3-5.2.rhaos4.12.git44a2cb2.el9 , < * (rpm) cpe:/a:redhat:openshift:4.12::el9 cpe:/a:redhat:openshift:4.12::el8
Red Hat	Red Hat OpenShift Container Platform 4.12	Unaffected: 0:1.25.0-2.2.el8 , < * (rpm) cpe:/a:redhat:openshift:4.12::el9 cpe:/a:redhat:openshift:4.12::el8
Red Hat	Red Hat OpenShift Container Platform 4.12	Unaffected: 0:2.14.0-5.2.rhaos4.12.el9 , < * (rpm) cpe:/a:redhat:openshift:4.12::el9 cpe:/a:redhat:openshift:4.12::el8
Red Hat	Red Hat OpenShift Container Platform 4.12	Unaffected: 0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.12::el9 cpe:/a:redhat:openshift:4.12::el8
Red Hat	Red Hat OpenShift Container Platform 4.12	Unaffected: 3:4.2.0-7.2.rhaos4.12.el9 , < * (rpm) cpe:/a:redhat:openshift:4.12::el9 cpe:/a:redhat:openshift:4.12::el8
Red Hat	Red Hat OpenShift Container Platform 4.12	Unaffected: 3:1.1.6-5.2.rhaos4.12.el8 , < * (rpm) cpe:/a:redhat:openshift:4.12::el9 cpe:/a:redhat:openshift:4.12::el8
Red Hat	Red Hat OpenShift Container Platform 4.12	Unaffected: 2:1.9.4-3.2.rhaos4.12.el8 , < * (rpm) cpe:/a:redhat:openshift:4.12::el9 cpe:/a:redhat:openshift:4.12::el8
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: 1:1.29.1-2.2.rhaos4.13.el8 , < * (rpm) cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: 1:1.4.0-1.1.rhaos4.13.el8 , < * (rpm) cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: 0:1.26.5-11.1.rhaos4.13.git919cc6e.el8 , < * (rpm) cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: 0:1.26.0-4.1.el8 , < * (rpm) cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: 0:2.15.0-7.1.rhaos4.13.el9 , < * (rpm) cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: 0:4.13.0-202404020737.p0.gd192e90.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: 3:4.4.1-5.2.rhaos4.13.el8 , < * (rpm) cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: 4:1.1.12-1.1.rhaos4.13.el8 , < * (rpm) cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9
Red Hat	Red Hat OpenShift Container Platform 4.13	Unaffected: 2:1.11.2-2.2.rhaos4.13.el8 , < * (rpm) cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:0.19.0-1.3.rhaos4.14.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 1:1.4.0-1.2.rhaos4.14.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:1.27.4-6.1.rhaos4.14.gitd09e4c0.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:1.27.0-3.1.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:2.16.2-2.1.rhaos4.14.el9 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:4.14.0-202403261640.p0.gf7b14a9.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:4.14.0-202403251040.p0.g607e2dd.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 3:4.4.1-11.3.rhaos4.14.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 2:1.11.2-10.3.rhaos4.14.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 1:1.29.1-10.4.rhaos4.14.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:0.19.0-1.4.rhaos4.14.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 3:2.1.7-3.4.rhaos4.14.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 1:1.4.0-1.3.rhaos4.14.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:1.27.4-7.2.rhaos4.14.git082c52f.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:1.27.0-3.2.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:2.16.2-2.2.rhaos4.14.el9 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:4.14.0-202404160939.p0.g7bee54d.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:4.14.0-202404151639.p0.gd2acdd5.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:4.14.0-202404151639.p0.g81558cc.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:4.14.0-202404151639.p0.gf7b14a9.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:4.14.0-202404151639.p0.g8926a29.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:4.14.0-202404151639.p0.g607e2dd.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 3:4.4.1-11.4.rhaos4.14.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 4:1.1.12-1.2.rhaos4.14.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 2:1.11.2-10.4.rhaos4.14.el8 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 0:4.14.19-202403280926.p0.gc1f8861.assembly.4.14.19.el9 , < * (rpm) cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.14	Unaffected: 414.92.202407300859-0 , < * (rpm) cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 1:1.29.1-20.3.rhaos4.15.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 0:0.20.0-1.1.rhaos4.15.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 1:1.4.0-1.2.rhaos4.15.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 0:1.28.4-8.rhaos4.15.git24f50b9.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 0:1.28.0-3.1.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 0:2.16.2-2.1.rhaos4.15.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 0:4.15.0-202403211549.p0.g2e3cca1.assembly.stream.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 3:4.4.1-21.1.rhaos4.15.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 4:1.1.12-1.1.rhaos4.15.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 2:1.11.2-21.2.rhaos4.15.el8 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 0:4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9
Red Hat	Red Hat OpenShift Container Platform 4.15	Unaffected: 415.92.202407191425-0 , < * (rpm) cpe:/a:redhat:openshift:4.15::el9 cpe:/a:redhat:openshift:4.15::el8
Red Hat	Red Hat OpenStack Platform 16.2	Unaffected: 0:3.3.23-16.el8ost , < * (rpm) cpe:/a:redhat:openstack:16.2::el8
Red Hat	Red Hat OpenStack Platform 17.1 for RHEL 8	Unaffected: 0:0.2.1-3.el8ost , < * (rpm) cpe:/a:redhat:openstack:17.1::el8
Red Hat	Red Hat OpenStack Platform 17.1 for RHEL 9	Unaffected: 0:3.4.26-8.el9ost , < * (rpm) cpe:/a:redhat:openstack:17.1::el9
Red Hat	Red Hat OpenStack Platform 17.1 for RHEL 9	Unaffected: 0:0.2.1-3.el9ost , < * (rpm) cpe:/a:redhat:openstack:17.1::el9
Red Hat	RHODF-4.16-RHEL-9	Unaffected: v4.16.0-137 , < * (rpm) cpe:/a:redhat:openshift_data_foundation:4.16::el9
Red Hat	RHODF-4.16-RHEL-9	Unaffected: v4.16.0-38 , < * (rpm) cpe:/a:redhat:openshift_data_foundation:4.16::el9
Red Hat	NBDE Tang Server	cpe:/a:redhat:network_bound_disk_encryption_tang:1
Red Hat	OpenShift Developer Tools and Services	cpe:/a:redhat:ocp_tools
Red Hat	OpenShift Developer Tools and Services	cpe:/a:redhat:ocp_tools
Red Hat	OpenShift Pipelines	cpe:/a:redhat:openshift_pipelines:1
Red Hat	OpenShift Serverless	cpe:/a:redhat:serverless:1
Red Hat	Red Hat Ansible Automation Platform 1.2	cpe:/a:redhat:ansible_automation_platform
Red Hat	Red Hat Ansible Automation Platform 1.2	cpe:/a:redhat:ansible_automation_platform
Red Hat	Red Hat Certification for Red Hat Enterprise Linux 8	cpe:/a:redhat:certifications:1::el8
Red Hat	Red Hat Certification Program for Red Hat Enterprise Linux 9	cpe:/a:redhat:certifications:9
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4
Red Hat	Red Hat Openshift Container Storage 4	cpe:/a:redhat:openshift_container_storage:4
Red Hat	Red Hat OpenShift Dev Spaces	cpe:/a:redhat:openshift_devspaces:3
Red Hat	Red Hat OpenShift GitOps	cpe:/a:redhat:openshift_gitops:1
Red Hat	Red Hat OpenShift on AWS	cpe:/a:redhat:openshift_service_on_aws:1
Red Hat	Red Hat OpenShift Virtualization 4	cpe:/a:redhat:container_native_virtualization:4
Red Hat	Red Hat OpenStack Platform 16.1	cpe:/a:redhat:openstack:16.1
Red Hat	Red Hat OpenStack Platform 16.1	cpe:/a:redhat:openstack:16.1
Red Hat	Red Hat OpenStack Platform 16.1	cpe:/a:redhat:openstack:16.1
Red Hat	Red Hat OpenStack Platform 16.2	cpe:/a:redhat:openstack:16.2
Red Hat	Red Hat OpenStack Platform 16.2	cpe:/a:redhat:openstack:16.2
Red Hat	Red Hat OpenStack Platform 16.2	cpe:/a:redhat:openstack:16.2
Red Hat	Red Hat OpenStack Platform 17.1	cpe:/a:redhat:openstack:17.1
Red Hat	Red Hat OpenStack Platform 17.1	cpe:/a:redhat:openstack:17.1
Red Hat	Red Hat OpenStack Platform 17.1	cpe:/a:redhat:openstack:17.1
Red Hat	Red Hat OpenStack Platform 18.0	cpe:/a:redhat:openstack:18.0
Red Hat	Red Hat Service Interconnect 1	cpe:/a:redhat:service_interconnect:1
Red Hat	Red Hat Service Interconnect 1	cpe:/a:redhat:service_interconnect:1
Red Hat	Red Hat Service Interconnect 1	cpe:/a:redhat:service_interconnect:1
Red Hat	Red Hat Software Collections	cpe:/a:redhat:rhel_software_collections:3
Red Hat	Red Hat Storage 3	cpe:/a:redhat:storage:3

Date Public

2024-03-20 00:00

Credits

Red Hat would like to thank @qmuntal and @r3kumar for reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-1394",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-21T18:21:05.099385Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-05T13:50:55.732Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:40:20.583Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:1462",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1462"
          },
          {
            "name": "RHSA-2024:1468",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1468"
          },
          {
            "name": "RHSA-2024:1472",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1472"
          },
          {
            "name": "RHSA-2024:1501",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1501"
          },
          {
            "name": "RHSA-2024:1502",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1502"
          },
          {
            "name": "RHSA-2024:1561",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1561"
          },
          {
            "name": "RHSA-2024:1563",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1563"
          },
          {
            "name": "RHSA-2024:1566",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1566"
          },
          {
            "name": "RHSA-2024:1567",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1567"
          },
          {
            "name": "RHSA-2024:1574",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1574"
          },
          {
            "name": "RHSA-2024:1640",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1640"
          },
          {
            "name": "RHSA-2024:1644",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1644"
          },
          {
            "name": "RHSA-2024:1646",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1646"
          },
          {
            "name": "RHSA-2024:1763",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1763"
          },
          {
            "name": "RHSA-2024:1897",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1897"
          },
          {
            "name": "RHSA-2024:2562",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2562"
          },
          {
            "name": "RHSA-2024:2568",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2568"
          },
          {
            "name": "RHSA-2024:2569",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2569"
          },
          {
            "name": "RHSA-2024:2729",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2729"
          },
          {
            "name": "RHSA-2024:2730",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2730"
          },
          {
            "name": "RHSA-2024:2767",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2767"
          },
          {
            "name": "RHSA-2024:3265",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3265"
          },
          {
            "name": "RHSA-2024:3352",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3352"
          },
          {
            "name": "RHSA-2024:4146",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4146"
          },
          {
            "name": "RHSA-2024:4371",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4371"
          },
          {
            "name": "RHSA-2024:4378",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4378"
          },
          {
            "name": "RHSA-2024:4379",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4379"
          },
          {
            "name": "RHSA-2024:4502",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4502"
          },
          {
            "name": "RHSA-2024:4581",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4581"
          },
          {
            "name": "RHSA-2024:4591",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4591"
          },
          {
            "name": "RHSA-2024:4672",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4672"
          },
          {
            "name": "RHSA-2024:4699",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4699"
          },
          {
            "name": "RHSA-2024:4761",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4761"
          },
          {
            "name": "RHSA-2024:4762",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4762"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-1394"
          },
          {
            "name": "RHBZ#2262921",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262921"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://pkg.go.dev/vuln/GO-2024-2660"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://vuln.go.dev/ID/GO-2024-2660.json"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "receptor",
          "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.4.5-1.el8ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "receptor",
          "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.4.5-1.el9ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:devtools:2023::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "go-toolset-1.19-golang",
          "product": "Red Hat Developer Tools",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.19.13-6.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "go-toolset:rhel8",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020240313170136.26eb71ac",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "grafana-pcp",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.1.1-2.el8_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "grafana",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:9.2.10-8.el8_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "grafana",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:9.2.10-16.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240808093819.afee755d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "osbuild-composer",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:101-2.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "golang",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.12-2.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "grafana",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:9.2.10-8.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "grafana-pcp",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.1.1-2.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "golang",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.21.9-2.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "grafana",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:9.2.10-16.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "grafana-pcp",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.1.1-2.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.33.7-3.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:4.9.4-5.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gvisor-tap-vsock",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "6:0.7.3-4.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.14.3-3.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "containernetworking-plugins",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.4.0-4.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "runc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:1.1.12-3.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "osbuild-composer",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:132-1.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:4.2.0-4.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "containernetworking-plugins",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.0.1-6.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "golang",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.19.13-7.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:4.4.1-20.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el9",
            "cpe:/a:redhat:openshift:4.12::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.23.4-5.2.rhaos4.12.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el9",
            "cpe:/a:redhat:openshift:4.12::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "butane",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.16.0-2.2.rhaos4.12.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el9",
            "cpe:/a:redhat:openshift:4.12::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "containernetworking-plugins",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.4.0-1.1.rhaos4.12.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el9",
            "cpe:/a:redhat:openshift:4.12::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.25.3-5.2.rhaos4.12.git44a2cb2.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el9",
            "cpe:/a:redhat:openshift:4.12::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-tools",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.25.0-2.2.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el9",
            "cpe:/a:redhat:openshift:4.12::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ignition",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.14.0-5.2.rhaos4.12.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el9",
            "cpe:/a:redhat:openshift:4.12::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-clients",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.12.0-202403251017.p0.gd4c9e3c.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el9",
            "cpe:/a:redhat:openshift:4.12::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.2.0-7.2.rhaos4.12.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el9",
            "cpe:/a:redhat:openshift:4.12::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "runc",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:1.1.6-5.2.rhaos4.12.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el9",
            "cpe:/a:redhat:openshift:4.12::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.9.4-3.2.rhaos4.12.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.29.1-2.2.rhaos4.13.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "containernetworking-plugins",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.4.0-1.1.rhaos4.13.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.26.5-11.1.rhaos4.13.git919cc6e.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-tools",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.26.0-4.1.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ignition",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.15.0-7.1.rhaos4.13.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-clients",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.13.0-202404020737.p0.gd192e90.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-5.2.rhaos4.13.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "runc",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:1.1.12-1.1.rhaos4.13.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.11.2-2.2.rhaos4.13.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "butane",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.19.0-1.3.rhaos4.14.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "containernetworking-plugins",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.4.0-1.2.rhaos4.14.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.27.4-6.1.rhaos4.14.gitd09e4c0.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-tools",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.27.0-3.1.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ignition",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.16.2-2.1.rhaos4.14.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-clients",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.14.0-202403261640.p0.gf7b14a9.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ose-aws-ecr-image-credential-provider",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.14.0-202403251040.p0.g607e2dd.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-11.3.rhaos4.14.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.11.2-10.3.rhaos4.14.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.29.1-10.4.rhaos4.14.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "butane",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.19.0-1.4.rhaos4.14.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "conmon",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:2.1.7-3.4.rhaos4.14.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "containernetworking-plugins",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.4.0-1.3.rhaos4.14.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.27.4-7.2.rhaos4.14.git082c52f.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-tools",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.27.0-3.2.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ignition",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.16.2-2.2.rhaos4.14.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.14.0-202404160939.p0.g7bee54d.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4-aws-iso",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.14.0-202404151639.p0.gd2acdd5.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-ansible",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.14.0-202404151639.p0.g81558cc.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-clients",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.14.0-202404151639.p0.gf7b14a9.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-kuryr",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.14.0-202404151639.p0.g8926a29.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ose-aws-ecr-image-credential-provider",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.14.0-202404151639.p0.g607e2dd.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-11.4.rhaos4.14.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "runc",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:1.1.12-1.2.rhaos4.14.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.11.2-10.4.rhaos4.14.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "microshift",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.14.19-202403280926.p0.gc1f8861.assembly.4.14.19.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "414.92.202407300859-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.29.1-20.3.rhaos4.15.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "butane",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.20.0-1.1.rhaos4.15.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "containernetworking-plugins",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.4.0-1.2.rhaos4.15.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.28.4-8.rhaos4.15.git24f50b9.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-tools",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.28.0-3.1.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ignition",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.16.2-2.1.rhaos4.15.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-clients",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.15.0-202403211240.p0.g62c4d45.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ose-aws-ecr-image-credential-provider",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.15.0-202403211549.p0.g2e3cca1.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-21.1.rhaos4.15.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "runc",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:1.1.12-1.1.rhaos4.15.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.11.2-21.2.rhaos4.15.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "microshift",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.15.6-202403280951.p0.g94b1c2a.assembly.4.15.6.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "415.92.202407191425-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "etcd",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.3.23-16.el8ost",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "collectd-sensubility",
          "product": "Red Hat OpenStack Platform 17.1 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.2.1-3.el8ost",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "etcd",
          "product": "Red Hat OpenStack Platform 17.1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.4.26-8.el9ost",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "collectd-sensubility",
          "product": "Red Hat OpenStack Platform 17.1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.2.1-3.el9ost",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/mcg-operator-bundle",
          "product": "RHODF-4.16-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-137",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/mcg-rhel9-operator",
          "product": "RHODF-4.16-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-38",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:network_bound_disk_encryption_tang:1"
          ],
          "defaultStatus": "affected",
          "packageName": "tang-operator-bundle-container",
          "product": "NBDE Tang Server",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ocp_tools"
          ],
          "defaultStatus": "affected",
          "packageName": "helm",
          "product": "OpenShift Developer Tools and Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ocp_tools"
          ],
          "defaultStatus": "affected",
          "packageName": "odo",
          "product": "OpenShift Developer Tools and Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift-pipelines-client",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-serverless-clients",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform"
          ],
          "defaultStatus": "affected",
          "packageName": "helm",
          "product": "Red Hat Ansible Automation Platform 1.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-clients",
          "product": "Red Hat Ansible Automation Platform 1.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:certifications:1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-certification-preflight",
          "product": "Red Hat Certification for Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:certifications:9"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-certification-preflight",
          "product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "containernetworking-plugins",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "host-metering",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhc-worker-script",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "skopeo",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/buildah",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/conmon",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/containernetworking-plugins",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/podman",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/runc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/skopeo",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/toolbox",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "git-lfs",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "weldr-client",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "butane",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "conmon",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "git-lfs",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "ignition",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "toolbox",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "weldr-client",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "conmon-rs",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "golang-github-prometheus-promu",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "lifecycle-agent-operator-bundle-container",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unknown",
          "packageName": "openshift4/bare-metal-event-relay-operator-bundle",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift4/numaresources-operator-bundle",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift4/ose-cluster-machine-approver-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_container_storage:4"
          ],
          "defaultStatus": "unknown",
          "packageName": "mcg",
          "product": "Red Hat Openshift Container Storage 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_devspaces:3"
          ],
          "defaultStatus": "affected",
          "packageName": "devspaces/machineexec-rhel8",
          "product": "Red Hat OpenShift Dev Spaces",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/gitops-operator-bundle",
          "product": "Red Hat OpenShift GitOps",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_service_on_aws:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rosa",
          "product": "Red Hat OpenShift on AWS",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kubevirt",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.1"
          ],
          "defaultStatus": "unknown",
          "packageName": "etcd",
          "product": "Red Hat OpenStack Platform 16.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.1"
          ],
          "defaultStatus": "affected",
          "packageName": "golang-qpid-apache",
          "product": "Red Hat OpenStack Platform 16.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "qpid-proton",
          "product": "Red Hat OpenStack Platform 16.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "affected",
          "packageName": "golang-github-infrawatch-apputils",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "affected",
          "packageName": "golang-qpid-apache",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "qpid-proton",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1"
          ],
          "defaultStatus": "affected",
          "packageName": "golang-github-infrawatch-apputils",
          "product": "Red Hat OpenStack Platform 17.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1"
          ],
          "defaultStatus": "affected",
          "packageName": "golang-qpid-apache",
          "product": "Red Hat OpenStack Platform 17.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "qpid-proton",
          "product": "Red Hat OpenStack Platform 17.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:18.0"
          ],
          "defaultStatus": "affected",
          "packageName": "etcd",
          "product": "Red Hat OpenStack Platform 18.0",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_interconnect:1"
          ],
          "defaultStatus": "affected",
          "packageName": "qpid-proton",
          "product": "Red Hat Service Interconnect 1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_interconnect:1"
          ],
          "defaultStatus": "affected",
          "packageName": "skupper-cli",
          "product": "Red Hat Service Interconnect 1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_interconnect:1"
          ],
          "defaultStatus": "affected",
          "packageName": "skupper-router",
          "product": "Red Hat Service Interconnect 1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rh-git227-git-lfs",
          "product": "Red Hat Software Collections",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:storage:3"
          ],
          "defaultStatus": "unknown",
          "packageName": "heketi",
          "product": "Red Hat Storage 3",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank @qmuntal and @r3kumar for reporting this issue."
        }
      ],
      "datePublic": "2024-03-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs\u200b. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey\u200b and ctx\u200b. That function uses named return parameters to free pkey\u200b and ctx\u200b if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the \"return nil, nil, fail(...)\" pattern, meaning that pkey\u200b and ctx\u200b will be nil inside the deferred function that should free them."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "Missing Release of Memory after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-23T01:32:06.267Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:1462",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1462"
        },
        {
          "name": "RHSA-2024:1468",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1468"
        },
        {
          "name": "RHSA-2024:1472",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1472"
        },
        {
          "name": "RHSA-2024:1501",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1501"
        },
        {
          "name": "RHSA-2024:1502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1502"
        },
        {
          "name": "RHSA-2024:1561",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1561"
        },
        {
          "name": "RHSA-2024:1563",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1563"
        },
        {
          "name": "RHSA-2024:1566",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1566"
        },
        {
          "name": "RHSA-2024:1567",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1567"
        },
        {
          "name": "RHSA-2024:1574",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1574"
        },
        {
          "name": "RHSA-2024:1640",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1640"
        },
        {
          "name": "RHSA-2024:1644",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1644"
        },
        {
          "name": "RHSA-2024:1646",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1646"
        },
        {
          "name": "RHSA-2024:1763",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1763"
        },
        {
          "name": "RHSA-2024:1897",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1897"
        },
        {
          "name": "RHSA-2024:2562",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2562"
        },
        {
          "name": "RHSA-2024:2568",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2568"
        },
        {
          "name": "RHSA-2024:2569",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2569"
        },
        {
          "name": "RHSA-2024:2729",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2729"
        },
        {
          "name": "RHSA-2024:2730",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2730"
        },
        {
          "name": "RHSA-2024:2767",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2767"
        },
        {
          "name": "RHSA-2024:3265",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3265"
        },
        {
          "name": "RHSA-2024:3352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3352"
        },
        {
          "name": "RHSA-2024:4146",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4146"
        },
        {
          "name": "RHSA-2024:4371",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4371"
        },
        {
          "name": "RHSA-2024:4378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4378"
        },
        {
          "name": "RHSA-2024:4379",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4379"
        },
        {
          "name": "RHSA-2024:4502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4502"
        },
        {
          "name": "RHSA-2024:4581",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4581"
        },
        {
          "name": "RHSA-2024:4591",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4591"
        },
        {
          "name": "RHSA-2024:4672",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4672"
        },
        {
          "name": "RHSA-2024:4699",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4699"
        },
        {
          "name": "RHSA-2024:4761",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4761"
        },
        {
          "name": "RHSA-2024:4762",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4762"
        },
        {
          "name": "RHSA-2024:4960",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4960"
        },
        {
          "name": "RHSA-2024:5258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:5258"
        },
        {
          "name": "RHSA-2024:5634",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:5634"
        },
        {
          "name": "RHSA-2024:7262",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7262"
        },
        {
          "name": "RHSA-2025:7118",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7118"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-1394"
        },
        {
          "name": "RHBZ#2262921",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262921"
        },
        {
          "url": "https://github.com/golang-fips/openssl/commit/85d31d0d257ce842c8a1e63c4d230ae850348136"
        },
        {
          "url": "https://github.com/golang-fips/openssl/security/advisories/GHSA-78hx-gp6g-7mj6"
        },
        {
          "url": "https://github.com/microsoft/go-crypto-openssl/commit/104fe7f6912788d2ad44602f77a0a0a62f1f259f"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2024-2660"
        },
        {
          "url": "https://vuln.go.dev/ID/GO-2024-2660.json"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-02-06T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-03-20T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-401: Missing Release of Memory after Effective Lifetime"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-1394",
    "datePublished": "2024-03-21T12:16:38.790Z",
    "dateReserved": "2024-02-09T06:02:35.056Z",
    "dateUpdated": "2026-04-23T01:32:06.267Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2024-1474

CVE-2019-25210 (GCVE-0-2019-25210)

CVE-2023-29483 (GCVE-0-2023-29483)

CVE-2023-45142 (GCVE-0-2023-45142)

CVE-2023-45289 (GCVE-0-2023-45289)

CVE-2023-45290 (GCVE-0-2023-45290)

CVE-2023-47108 (GCVE-0-2023-47108)

CVE-2023-48795 (GCVE-0-2023-48795)

CVE-2023-52425 (GCVE-0-2023-52425)

CVE-2024-0874 (GCVE-0-2024-0874)

CVE-2024-1394 (GCVE-0-2024-1394)

Tags

Sightings

Nomenclature