Common Weakness Enumeration
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Back to CWE stats page
CWE-276
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
CVE-2025-7195 (GCVE-0-2025-7195)
Vulnerability from cvelistv5 – Published: 2025-08-07 19:05 – Updated: 2026-04-16 21:54
VLAI
Title
Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd
Summary
Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.15.2 to scaffold their operator may still be impacted by this if the insecure user_setup script is still being used to build new container images.
In affected images, the /etc/passwd file is created during build time with group-writable permissions and a group ownership of root (gid=0). An attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.
Severity
6.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
26 references
Impacted products
169 products
| Vendor | Product | Version | |
|---|---|---|---|
| operator-framework | operator-sdk |
Affected:
0 , < 0.15.2
(semver)
|
|
| Red Hat | RHEL-9-CNV-4.17 |
Unaffected:
v4.17.39-2 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.17::el9 |
|
| Red Hat | RHEL-9-CNV-4.18 |
Unaffected:
v4.18.25-3 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.18::el9 |
|
| Red Hat | RHEL-9-CNV-4.20 |
Unaffected:
v4.20.3-3 , < *
(rpm)
cpe:/a:redhat:container_native_virtualization:4.20::el9 |
|
| Red Hat | File Integrity Operator 1 |
Unaffected:
sha256:1d10b1fd2f76dd5e8c97c38747e621c39aca11b7b64cb820c1264680b7686138 , < *
(rpm)
cpe:/a:redhat:openshift_file_integrity_operator:1::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.6 |
Unaffected:
sha256:27834804d5c56e017785cf9a8100ebb1989288241d8c1a08e296778d2bcf52f1 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.6::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.6 |
Unaffected:
sha256:99a16c7798169c4de9e3c3df560b102003f03c94cd1327796ac4a6ca3c7d4f24 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.6::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.6 |
Unaffected:
sha256:6ff440b0fb6b959b2279db0513abfc88e464dd093fbc79c027da98eabe74d9c0 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.6::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.6 |
Unaffected:
sha256:9592965d6225d4d2fe4da7efb83db1241aefc4933767c68f585ef6db9c1e413a , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.6::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.6 |
Unaffected:
sha256:4d872d919c09d08132e0e056a60ad1e4c457fc600cd0521b0160d7f5106f4ea3 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.6::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.6 |
Unaffected:
sha256:58ce162b9dcc276ea6d83e18fa08170b0ef047df7fc7a8957ee338d1359492eb , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.6::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.6 |
Unaffected:
sha256:107beee845fb13ddcb1c327a2a5fe705cc2f599c775786f937e17c0720977777 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.6::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.7 |
Unaffected:
sha256:1c49bf643ea000a0f92a1d93114a4a866ff51f47947c6a7102fb8e200ae57e8a , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.7::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.7 |
Unaffected:
sha256:072da24a7a4f1b61822ae7c86f8cc0b07462591168ad8a8dd89a02cf3bb33fa5 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.7::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.7 |
Unaffected:
sha256:0488dca3cb2db097732fe153483af7c4b2acdb7b0bc241f30e78cdb0474d11bb , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.7::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.7 |
Unaffected:
sha256:55e5df211a2eeb146596e833572cfe74bad9b16ebc95ec0f38908daac118d8b9 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.7::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.7 |
Unaffected:
sha256:4e0d8a47e840f27038d6290dab730d7115dc1b1a5fe2c2fe7c2307211253a96a , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.7::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.7 |
Unaffected:
sha256:1a2ef170407505193e8d1ab4832ae0b945ec2fd9245c5a93134ce73f959ea34c , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.7::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.7 |
Unaffected:
sha256:295cce4181249098c7903b70ef34afe257731e062c9cb944845663929ca8075c , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.7::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.7 |
Unaffected:
sha256:0755c4e05987fce669d4fb7d021b9202efe9b5da35fc4776441a6a963a4e7f05 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.7::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.7 |
Unaffected:
sha256:82750019c353c3185dc35fb68a675c9d758a3022144855ac09bad49fa4ac3daa , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.7::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.8 |
Unaffected:
sha256:4730066d796726424abb881b2564bb7e313237ac877284c206c8aee3e3843b2e , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.8::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.8 |
Unaffected:
sha256:17ce360bc53af9054c8b1f09d5f62061e449298e471bd0a7cc022dc2b8c402db , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.8::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.8 |
Unaffected:
sha256:89a9e49213426355fb85f5c67f6d27f4cf2e51d55010a33039fafbceb196f838 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.8::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.8 |
Unaffected:
sha256:25764e7533896af9e5495a37533cf40ece09ec9af2ec76e5334ae8da23913064 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.8::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.8 |
Unaffected:
sha256:448f802fa1a8d8d762ce1c1a20844bad5bdec44adc9fcf65f6fc426f2f48ec43 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.8::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.8 |
Unaffected:
sha256:56a7d375e7bca09b0d7f12c312414bd04c6a60b59119e9787cf55a9dc5f82626 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.8::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.8 |
Unaffected:
sha256:1d1deb4104d8aeec314f451c168913fd389ac2d8b1380a68e8722c860ea4cb16 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.8::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.8 |
Unaffected:
sha256:191621a5e2afecd2c48008e3922403d0dee3651085e68e404e23b87db54e6903 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.8::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.9 |
Unaffected:
sha256:08038f377c65aefa81d3c7ecae4994d28d052bd4bad585e18e8a1a68ab17cae7 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.9::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.9 |
Unaffected:
sha256:487d5f2fae53dde288db6981d2e6373d0be4ac440abc7683147d64fce28976de , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.9::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.9 |
Unaffected:
sha256:16f8baa1271b313bb4bbfb4321a1d1ffe2c4b377a237f317640a8129d324b418 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.9::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.9 |
Unaffected:
sha256:495c95d1a2df101e0bf9c0eaa3caeb575f596d6098782c3a0a1dcb0342589886 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.9::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.9 |
Unaffected:
sha256:2e11b27b9d6884dcb846865d632c141a038f85163b0c4db63a1f29cb8d277125 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.9::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.9 |
Unaffected:
sha256:2d8992c950833e7aacad7cf7ec1cded29c2092f7509bf50dfbfcce06a4bd149a , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.9::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.9 |
Unaffected:
sha256:840fbf02ac4883ef94a41476eb3ab46ffd105726ccd4b02b9b48b6606dcfd8f8 , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.9::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.9 |
Unaffected:
sha256:ae7818eab65947f74badec716268053224a27b53d704d89c455380d54009c10c , < *
(rpm)
cpe:/a:redhat:multicluster_engine:2.9::el9 |
|
| Red Hat | OpenShift Compliance Operator 1 |
Unaffected:
sha256:0903a7a5c857d96c84fd022e5785514eff201047e2fdd5d6699d79f17440ef02 , < *
(rpm)
cpe:/a:redhat:openshift_compliance_operator:1::el9 |
|
| Red Hat | OpenShift Compliance Operator 1 |
Unaffected:
sha256:0deacfbd0d55638fb334e2435007586fcfd3a08328c3a7c9b2908bb0cab759c2 , < *
(rpm)
cpe:/a:redhat:openshift_compliance_operator:1::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.11 |
Unaffected:
sha256:0921c2d58881136bab071600e8c18f79eabb33817d2a947799a2429634952ea0 , < *
(rpm)
cpe:/a:redhat:acm:2.11::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.11 |
Unaffected:
sha256:2286313075d365d4795d340b615850995a2fbbc19b7e6f3b1a586b495263b139 , < *
(rpm)
cpe:/a:redhat:acm:2.11::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.11 |
Unaffected:
sha256:06d861b23cf7f8622e14d577d87ab1da07b1ebe7caaa51f4ebb7216f9435ada4 , < *
(rpm)
cpe:/a:redhat:acm:2.11::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.11 |
Unaffected:
sha256:386ef03f3664c6305c90b0daf24182df24624f7b691a205fbf4af7a5bb3c35ec , < *
(rpm)
cpe:/a:redhat:acm:2.11::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.12 |
Unaffected:
sha256:109bd95d99f98906c8a9cf3057f7d0a83ce18fa4f6733606dd3e98d2735312c4 , < *
(rpm)
cpe:/a:redhat:acm:2.12::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.12 |
Unaffected:
sha256:125a0d04b6b5c6c2338ef18b53860d4118f005c1d0f3691f32baccce4ce9b21b , < *
(rpm)
cpe:/a:redhat:acm:2.12::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.12 |
Unaffected:
sha256:320fd7d6d03377dc89442aab61041aa233f2778ff1f9cc686d943205c798a838 , < *
(rpm)
cpe:/a:redhat:acm:2.12::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.12 |
Unaffected:
sha256:3fec028d7dfe4e58bf38a8017b3b760937b18523591c1036b80f1cae94cd1a9e , < *
(rpm)
cpe:/a:redhat:acm:2.12::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.12 |
Unaffected:
sha256:38019d9ba07f59515345dddcd1800da3408be06b3620f4b1c1dd2034e939d26b , < *
(rpm)
cpe:/a:redhat:acm:2.12::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.12 |
Unaffected:
sha256:0fa09c7b7e469826f9788e24cffedea3a90a456af78d4a3237fecb99a3ad52a1 , < *
(rpm)
cpe:/a:redhat:acm:2.12::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.12 |
Unaffected:
sha256:59a7ad296b2023d6a633e2f7b99767e2c0c35ead31c8d92bdf233ff52522125d , < *
(rpm)
cpe:/a:redhat:acm:2.12::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.12 |
Unaffected:
sha256:12c970f2005e943d674b35c711d2232f146bbbcf8e3807b3fb3c816b42e0cd8a , < *
(rpm)
cpe:/a:redhat:acm:2.12::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.12 |
Unaffected:
sha256:53a9844ffdd2d3f8cee8737722de91511cefdb4c65a7db614de6c4e070f70431 , < *
(rpm)
cpe:/a:redhat:acm:2.12::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.12 |
Unaffected:
sha256:1bda811b132cbc2220815d36983af98e0aafdcb4d30fa78f56bbd85ffc30a37c , < *
(rpm)
cpe:/a:redhat:acm:2.12::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.12 |
Unaffected:
sha256:805d44ff7dcd6df5bd73cd58c0f410d8bdeac932d7c440b0c381517c3e1401ae , < *
(rpm)
cpe:/a:redhat:acm:2.12::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.13 |
Unaffected:
sha256:2e4e2180d5912535ac4914569e5e592a501260199cf5371b7d0ac9aec290d0e8 , < *
(rpm)
cpe:/a:redhat:acm:2.13::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.13 |
Unaffected:
sha256:0587333ddfc1f1b5df66948c16cfcea1043c538ddb6ebd6524c00310a41dde7c , < *
(rpm)
cpe:/a:redhat:acm:2.13::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.13 |
Unaffected:
sha256:4e61bb2cc124f37ec9c009e9ee92bfa638ff608f2b28962abbe1ff5614b99155 , < *
(rpm)
cpe:/a:redhat:acm:2.13::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
Unaffected:
sha256:05847c2e995e681bdcc3f809e76f512767f40ac4498c14fad4afb4cae83f33d1 , < *
(rpm)
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
Unaffected:
sha256:1b56fc6c4b897bb8a62b1fa176af6bace8282b2de38e3e69b5673c5ae3e6848c , < *
(rpm)
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
Unaffected:
sha256:7bff1645296326504b40e17540b4b4c2e5aa86147799b61d1bda5757305d3683 , < *
(rpm)
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
Unaffected:
sha256:1eaf7740de439ed0f26e7abe5186d6422ad0304e7f7a62ff8f7d8b20d7b5f0ef , < *
(rpm)
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
Unaffected:
sha256:7e394d47079a8bbe2a4a1f158725ddb6b6c7c184c48ee22dd8873b1b8e4e642f , < *
(rpm)
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
Unaffected:
sha256:2f4d26918cf42cad318cc95935e4637e3912ef4454e91fa0e8f1d42dc185e8b6 , < *
(rpm)
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
Unaffected:
sha256:46b615cf682815259b0c4b9e785d2f0b429726f75920f7ce9c31625ac86118b2 , < *
(rpm)
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
Unaffected:
sha256:55094fc781f35867d298ae9ee006113c78b086ce1263ccee2f0a94ec581c837b , < *
(rpm)
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
Unaffected:
sha256:066f59015024fd839705ad52d1ce8a10e500040c3905b98bd5533e5dd0e268d7 , < *
(rpm)
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
Unaffected:
sha256:91249fb15a33c0bf8b5bf3c0f236fd4fe272b9221f4fcfa6608e97ba5062c5f3 , < *
(rpm)
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:931fcca9e7cb6f6c7454a72b533cbe4d767438e374848b846f079a3c2d323901 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:0a88403bb113a735853cc289bad5c2b5e650e5f9d28e28cf635c2fef808025b1 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:109ce61c700758e5057d2b465c9820c05f2d51b8f541b70c1b1bcf39fc872d35 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:13454f2f70870d6765f740f36582cdf8139c9ed4c0c38e5f8981eea1374771ad , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:0a0e70953d2217d929b55a7a7a4c1e49c7e5f6b196b693312c252bfec2dc3843 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:4c3a738aa7e83a7aea9161c4ef48624a275756531a3d67b13e59b600a4e644ea , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:2f3828b6ad0cdf73db157daaea35e750000f0aa2741b7e5aa679253ba76f098b , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:00cb6923e961942f4beabe19a6ad142dbff62929996728c664a1995fc76fcf8a , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:0d8ff43ca27a8ca5017fc136f9708c743043b72479bced7ce7a91c1057d92339 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:8d131c609dea271df0cf754e7d28cdb79ad45012c5359f61b13713f9467c8e32 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:0282d53fe18c9f427fc9af81fe64ceecd84cc4aee60878b0a0dfec76f3c6b2a9 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:07fade8638107be11d2eb1fe76cd0e051627d85a28aa00e677e82764d94b9bee , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:37a3e93d30c7d2bcf8cd60dc52a9230bcb14baf10a13e3e01cdcb800eced0eec , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:0fda299fc4af5af2365f1bc7b2155e6a109196218443a03e65eb1b117cbdeeae , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:70cc9a59178ea9d801fb8a06ac6bee6cf3b04ab6cefd9c66b52cb3cc88300f0e , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:9592e63b97947aa2f4a695c7c727bef327595d84350640a3dac51de86ef08e07 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:2dd678e13edff8659bc429b59d9a4a8129c4dca61da8a2e623eabfadc99c35bd , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 |
Unaffected:
sha256:1587bf92b7369eaefbf2828c324ceb585b3591c397fd1ecd59804875ab7cf64f , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.14::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:1d75f5d047a30a5d80df63d6201cd5550c8aad5d000c079f9d8c9a5c62ae45ce , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:308cd8acade8e07b3183bbe8735b724b866a7337491afc78967eecd2c812d5e3 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:342ec40b4be75a43a6dc9bd86bdd684ffad05c04e177a173273f1d892e2501dd , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:2012c48688b519ce45f08e1392fd886400a1782ea4bf942e434b4281cebca64e , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:08df676115e46d1dea0c175df6e56f4501aa79d9590ed9790e1d218994999839 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:37cb9c23e27da0c54c36bd90bace10bc21406529568deb6436dfbb9bb686dfbb , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:2afaf7feceda2596f257888a5cc5dd19293252da973d4988e00a21c50aa601c4 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:43232acc4c36c387bfcf4eff514d2bbac42c6baf4aa1a9921abd04f8a05ab6bd , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:02e2e6d8f4037d66a951af24d72a02cb1e41bce6a5c1f184fc6797c49f60fc75 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:22c95138c3ca3d086227da3181548a73e86eb244670e0f6acf8ed9011883fdb2 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:2a3861eeb69808eea9cd1848e770a9f3b6e65ef44c8add47675a51e4d35edbfe , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:0c5becf0a62d24cb986b0338432e30fa1952487392d3712d190c85f35300cd97 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:27b15f29e01661f7b6857e5da669d4b81f9f1cbcd97e186603552455d82d3152 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:2823b76f7f6ab7583fbf6ef79520eaa6d3875cb569bd5d30e662cc3c06bfc68c , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:0cef2dc6c500024d272d85c04ce671648c41d25ed00b4b1c40f9a5cc7c9aa24d , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:42bf30dbe0a237936719b62aa1087075e7b387998d2143c2a16a7b7c9960e9fc , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:0db4c6508d18e6a8ad4197c666fe01ac772ad4e04f2a7f739aadf7168816e817 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 |
Unaffected:
sha256:f4a5e16ed21a930a510b5f695a645be2cb6bff1487f5865650fe3c0759e25689 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:28f2860ac1920009eda82fadd3bd134aa53e410974f257b2d700dd57a5ce55c8 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:0a9ebf5ec13dc86adaf99a291d6d97f306e3d2c4efebe330efed45cb243a7eee , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:39b8896056e50856d726943e1fe5474737d00729e24c55ea19927516e7f663a0 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:2157276d6715734095eccf19ee2a3b8ee2610831e6db28db4d1549a45ef1226f , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:12de253d776c8a2b72966403179650aeee0ea3a4100be45a93b240fcf23ccc17 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:57f81dbdd41c7ffba5d245a3cfff9192051443da9e77da67a54df4459f472a5a , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:28fecbad41a6b90ed64ff1ed6d36acf4cf88a8f86131556d6d8ba35766c9a70e , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:69ae289c4b1a9a51a25813d996d7f14794bcddc39df0512cc6e8effc6e32ad16 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:51e41acedaa776080b4f8a297d13d4f609839b834d929f4312a2c70afdb68329 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:0569ea1b4783e21b056242d9f2a40a548ff560a5ab957245444cc3770ed664db , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:271c19cfd3fa7295781909453024996f81d21cab5d875a8ce04c04e14ec78fb4 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:0e4f342bb1f967db85cd40ab3318966bbf011629276cc946c11cab721e091f4b , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:2e5849819b5220b3b7c2185a1fe85b6d02151bc44aa5e582f7f0090d77cbb591 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:4af5cbf6944b170e3578f0e904a57acbdef4ce27b7dbd9629b2a4d7c0231330d , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:0d7aed32d3447e3a3571b82f45a190221f48e224e70dcbb8ebc97b0172ca8544 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:a8c51e193d55d14f9ea4a897047478dfe63fec2b07de4306459fe92805063f8b , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:04037c00520f7f909565b6461455f0878a54d9f879b328708872c7f03bd24175 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 |
Unaffected:
sha256:875e86d19b02583156eb12fc726b5089a377403088389997383c0c986e3b2fc1 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.16::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:4732e19283a907e1a987590a0815e4c7b95c80218864eb6ae7f0393867a28e2e , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:0b3b8d6d1c0cd176ab61c529ab42e7a12720f6a42bf89ca1568656bdbc463310 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:2a9ecf79a8209fb80fc189c2a05b68ebb3874dd2e1c404361f3b26533188e6a1 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:57597555a31a799fec3dfbdc43949a8b3b1fb9bc02ef8a7990982335ee94f71d , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:00d18b2cf2c778dc1f4a6ec4502038bec5138ef7624ef13a7360d48745a315f2 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:4b3115829f2443bc90d15421da6e0679d7f9364639a46bd43aa858ec5e2109f7 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:e661ba3760dbd154ca7fcac8ceb39a50403664e712f43a93c4732b7e078de7aa , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:55e3e523175182a9f5536e3d331ad57596b5d28d51e7177efb875d16fa81ecc2 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:05e0499ac1613f5e1c7bcdca0a481a5fddc0497c48d36d6770f40e69eaa10ba1 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:0c3219a8065376f68178b94273c691afa37d5b2ab49f26e1f8167624a1487965 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:1feecf8d8b8d2cbc52990a41805d80b8681763b1e3f8302b2d1e210582b8f6cf , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:44cc96e8349dffd1258b7e1a2e3b80616a3452c6c15f3b34e1d8de66ddcaa4cc , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:05662182c4c1d373d36066294c7f927d63ef85c6f0922ced8612a2eb8bd7d925 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:63b810beca8b6ccc35d1a80c6f0c42d3b50adea67c25ab352f6514fb5d1461cb , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:6336c817d1bcbce9677ca5d525ceedd28789cbde1384cf7a606608168f4e0f10 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:00b3718224bcd0b08300680b8cf5b5525cb959db13d607ee93c2f836b759501e , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:01d2635790a1a5aca7f20de055db2718c262e51ddba75aff9fab1488fd65ab20 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:2a4c4141c97c71c8e1ee31da6acf1c80556eebf0b3f28eabae9eafffa1e251e3 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 |
Unaffected:
sha256:8689f95dfb32aafea228ef08e290949cc3c31e6a2acbb0f66da02ef0cf84089c , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.17::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:1690d6c99f4626289bcdd78c8521edffb61c91da1a45aa2eb2b6ab2af137b7c1 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:5ee6284d6354e4e55f1ee7eb5a79b833aae6e31bf42bf185c4192e5d373f06e7 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:87f5569806a8960520bab78d69514f2e2061b2ad69040cf7c164a5037c27e6bf , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:00bdcca61bc8765fbbc838deeb86392ce25c72f0170241c270484ec9b77bd263 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:37d0208891259e9d725fb4146d023c1f0cd0dafbff8e322b7c12621ea25f8c85 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:2bd4927011a029a1dd7ba2baa2fdc759d431550879eddc8813d89cb44cdb2767 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:5aad1d226292a42c700e97575eec56040108869acdcb720a9c5b32d02a0035b3 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:2abd2d479416e66c6f85e4e883d5e4987bc38f476f907766374784107b89de9a , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:0a5ac166f5ebddae21dcf2ce8a5932494209533ac4a92ff5551a402291f27ff9 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:65176cfc11dcc49e7b175404475dd0fcd9ad14e3b3e8ab85816cf52d64c51512 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:173a4998c70c4c8ff9d0d4f90fb48e8e3d3f8fbc4deeb4f742cbaa38dda61215 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:599bfb2b83e095f88d90a408d4e8bf66bf10070255c5d174ca9ed8668111d25f , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:40f8584e7ed0be1742fc3d40ee639dfd5323e38c55c7fcae4146d4246abf6cf0 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:116f99072859f76161266a538d92d7e19e3b463fc18e6084cf7faf7a6b311116 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:053ad72159390ad37825015b051252dc162f46ebeeab4866e1568af1f0084cab , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:1645b8ebfe127ec4a9b8c7c7a2d2ae6723bf1c02d49920a7f579197e8d21366f , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:1d10099e7b5e3a3c4444569f6af365f90494c71b758aad1dad53f5aecf788ca5 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:2987990bc63fa58ced038084921bdf168a017bd0b94b296a7c79dc264388339a , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
Unaffected:
sha256:25b4647a37692cde90c499460a62a78342827265992adc0740bef650028fc2df , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Multicluster Engine for Kubernetes |
cpe:/a:redhat:multicluster_engine |
|
| Red Hat | Multicluster Global Hub |
cpe:/a:redhat:multicluster_globalhub |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2 |
cpe:/a:redhat:acm:2 |
|
| Red Hat | Red Hat Advanced Cluster Security 4 |
cpe:/a:redhat:advanced_cluster_security:4 |
|
| Red Hat | Red Hat build of Apicurio Registry 2 |
cpe:/a:redhat:service_registry:2 |
|
| Red Hat | Red Hat build of Apicurio Registry 3 |
cpe:/a:redhat:apicurio_registry:3 |
|
| Red Hat | Red Hat Fuse 7 |
cpe:/a:redhat:jboss_fuse:7 |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat OpenShift Virtualization 4 |
cpe:/a:redhat:container_native_virtualization:4 |
|
| Red Hat | Red Hat Web Terminal |
cpe:/a:redhat:webterminal:1 |
Date Public
2025-08-07 18:59
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7195",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-07T19:23:11.314765Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-07T19:36:47.691Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/operator-framework/operator-sdk",
"defaultStatus": "unaffected",
"packageName": "operator-sdk",
"product": "operator-sdk",
"vendor": "operator-framework",
"versions": [
{
"lessThan": "0.15.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/cluster-network-addons-operator-rhel9",
"product": "RHEL-9-CNV-4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.17.39-2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/cluster-network-addons-operator-rhel9",
"product": "RHEL-9-CNV-4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.18.25-3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.20::el9"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/cluster-network-addons-operator-rhel9",
"product": "RHEL-9-CNV-4.20",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.20.3-3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_file_integrity_operator:1::el9"
],
"defaultStatus": "affected",
"packageName": "compliance/openshift-file-integrity-rhel8-operator",
"product": "File Integrity Operator 1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1d10b1fd2f76dd5e8c97c38747e621c39aca11b7b64cb820c1264680b7686138",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/addon-manager-rhel9",
"product": "multicluster engine for Kubernetes 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:27834804d5c56e017785cf9a8100ebb1989288241d8c1a08e296778d2bcf52f1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/clusterlifecycle-state-metrics-rhel9",
"product": "multicluster engine for Kubernetes 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:99a16c7798169c4de9e3c3df560b102003f03c94cd1327796ac4a6ca3c7d4f24",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/discovery-rhel9",
"product": "multicluster engine for Kubernetes 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:6ff440b0fb6b959b2279db0513abfc88e464dd093fbc79c027da98eabe74d9c0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/placement-rhel9",
"product": "multicluster engine for Kubernetes 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:9592965d6225d4d2fe4da7efb83db1241aefc4933767c68f585ef6db9c1e413a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/registration-operator-rhel9",
"product": "multicluster engine for Kubernetes 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:4d872d919c09d08132e0e056a60ad1e4c457fc600cd0521b0160d7f5106f4ea3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/registration-rhel9",
"product": "multicluster engine for Kubernetes 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:58ce162b9dcc276ea6d83e18fa08170b0ef047df7fc7a8957ee338d1359492eb",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.6::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/work-rhel9",
"product": "multicluster engine for Kubernetes 2.6",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:107beee845fb13ddcb1c327a2a5fe705cc2f599c775786f937e17c0720977777",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/addon-manager-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1c49bf643ea000a0f92a1d93114a4a866ff51f47947c6a7102fb8e200ae57e8a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/clusterlifecycle-state-metrics-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:072da24a7a4f1b61822ae7c86f8cc0b07462591168ad8a8dd89a02cf3bb33fa5",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/discovery-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0488dca3cb2db097732fe153483af7c4b2acdb7b0bc241f30e78cdb0474d11bb",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/managedcluster-import-controller-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:55e5df211a2eeb146596e833572cfe74bad9b16ebc95ec0f38908daac118d8b9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/placement-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:4e0d8a47e840f27038d6290dab730d7115dc1b1a5fe2c2fe7c2307211253a96a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/registration-operator-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1a2ef170407505193e8d1ab4832ae0b945ec2fd9245c5a93134ce73f959ea34c",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/registration-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:295cce4181249098c7903b70ef34afe257731e062c9cb944845663929ca8075c",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/work-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0755c4e05987fce669d4fb7d021b9202efe9b5da35fc4776441a6a963a4e7f05",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/addon-manager-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1c49bf643ea000a0f92a1d93114a4a866ff51f47947c6a7102fb8e200ae57e8a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/clusterlifecycle-state-metrics-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:072da24a7a4f1b61822ae7c86f8cc0b07462591168ad8a8dd89a02cf3bb33fa5",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/discovery-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0488dca3cb2db097732fe153483af7c4b2acdb7b0bc241f30e78cdb0474d11bb",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/managedcluster-import-controller-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:82750019c353c3185dc35fb68a675c9d758a3022144855ac09bad49fa4ac3daa",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/placement-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:4e0d8a47e840f27038d6290dab730d7115dc1b1a5fe2c2fe7c2307211253a96a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/registration-operator-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1a2ef170407505193e8d1ab4832ae0b945ec2fd9245c5a93134ce73f959ea34c",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/registration-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:295cce4181249098c7903b70ef34afe257731e062c9cb944845663929ca8075c",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/work-rhel9",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0755c4e05987fce669d4fb7d021b9202efe9b5da35fc4776441a6a963a4e7f05",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/addon-manager-rhel9",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:4730066d796726424abb881b2564bb7e313237ac877284c206c8aee3e3843b2e",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/clusterlifecycle-state-metrics-rhel9",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:17ce360bc53af9054c8b1f09d5f62061e449298e471bd0a7cc022dc2b8c402db",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/discovery-rhel9",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:89a9e49213426355fb85f5c67f6d27f4cf2e51d55010a33039fafbceb196f838",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/managedcluster-import-controller-rhel9",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:25764e7533896af9e5495a37533cf40ece09ec9af2ec76e5334ae8da23913064",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/placement-rhel9",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:448f802fa1a8d8d762ce1c1a20844bad5bdec44adc9fcf65f6fc426f2f48ec43",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/registration-operator-rhel9",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:56a7d375e7bca09b0d7f12c312414bd04c6a60b59119e9787cf55a9dc5f82626",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/registration-rhel9",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1d1deb4104d8aeec314f451c168913fd389ac2d8b1380a68e8722c860ea4cb16",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/work-rhel9",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:191621a5e2afecd2c48008e3922403d0dee3651085e68e404e23b87db54e6903",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.9::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/addon-manager-rhel9",
"product": "multicluster engine for Kubernetes 2.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:08038f377c65aefa81d3c7ecae4994d28d052bd4bad585e18e8a1a68ab17cae7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.9::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/clusterlifecycle-state-metrics-rhel9",
"product": "multicluster engine for Kubernetes 2.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:487d5f2fae53dde288db6981d2e6373d0be4ac440abc7683147d64fce28976de",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.9::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/discovery-rhel9",
"product": "multicluster engine for Kubernetes 2.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:16f8baa1271b313bb4bbfb4321a1d1ffe2c4b377a237f317640a8129d324b418",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.9::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/managedcluster-import-controller-rhel9",
"product": "multicluster engine for Kubernetes 2.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:495c95d1a2df101e0bf9c0eaa3caeb575f596d6098782c3a0a1dcb0342589886",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.9::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/placement-rhel9",
"product": "multicluster engine for Kubernetes 2.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2e11b27b9d6884dcb846865d632c141a038f85163b0c4db63a1f29cb8d277125",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.9::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/registration-operator-rhel9",
"product": "multicluster engine for Kubernetes 2.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2d8992c950833e7aacad7cf7ec1cded29c2092f7509bf50dfbfcce06a4bd149a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.9::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/registration-rhel9",
"product": "multicluster engine for Kubernetes 2.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:840fbf02ac4883ef94a41476eb3ab46ffd105726ccd4b02b9b48b6606dcfd8f8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.9::el9"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/work-rhel9",
"product": "multicluster engine for Kubernetes 2.9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:ae7818eab65947f74badec716268053224a27b53d704d89c455380d54009c10c",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_compliance_operator:1::el9"
],
"defaultStatus": "affected",
"packageName": "compliance/openshift-compliance-rhel8-operator",
"product": "OpenShift Compliance Operator 1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0903a7a5c857d96c84fd022e5785514eff201047e2fdd5d6699d79f17440ef02",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_compliance_operator:1::el9"
],
"defaultStatus": "affected",
"packageName": "compliance/openshift-compliance-rhel8-operator",
"product": "OpenShift Compliance Operator 1",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0deacfbd0d55638fb334e2435007586fcfd3a08328c3a7c9b2908bb0cab759c2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.11::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/klusterlet-addon-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.11",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0921c2d58881136bab071600e8c18f79eabb33817d2a947799a2429634952ea0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.11::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-application-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.11",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2286313075d365d4795d340b615850995a2fbbc19b7e6f3b1a586b495263b139",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.11::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-channel-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.11",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:06d861b23cf7f8622e14d577d87ab1da07b1ebe7caaa51f4ebb7216f9435ada4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.11::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-subscription-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.11",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:386ef03f3664c6305c90b0daf24182df24624f7b691a205fbf4af7a5bb3c35ec",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/acm-cluster-permission-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:109bd95d99f98906c8a9cf3057f7d0a83ce18fa4f6733606dd3e98d2735312c4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/klusterlet-addon-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:125a0d04b6b5c6c2338ef18b53860d4118f005c1d0f3691f32baccce4ce9b21b",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicloud-integrations-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:320fd7d6d03377dc89442aab61041aa233f2778ff1f9cc686d943205c798a838",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-application-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:3fec028d7dfe4e58bf38a8017b3b760937b18523591c1036b80f1cae94cd1a9e",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-channel-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:38019d9ba07f59515345dddcd1800da3408be06b3620f4b1c1dd2034e939d26b",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-subscription-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0fa09c7b7e469826f9788e24cffedea3a90a456af78d4a3237fecb99a3ad52a1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/klusterlet-addon-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:125a0d04b6b5c6c2338ef18b53860d4118f005c1d0f3691f32baccce4ce9b21b",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/acm-cluster-permission-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:59a7ad296b2023d6a633e2f7b99767e2c0c35ead31c8d92bdf233ff52522125d",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicloud-integrations-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:12c970f2005e943d674b35c711d2232f146bbbcf8e3807b3fb3c816b42e0cd8a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-application-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:53a9844ffdd2d3f8cee8737722de91511cefdb4c65a7db614de6c4e070f70431",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-channel-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1bda811b132cbc2220815d36983af98e0aafdcb4d30fa78f56bbd85ffc30a37c",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.12::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-subscription-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.12",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:805d44ff7dcd6df5bd73cd58c0f410d8bdeac932d7c440b0c381517c3e1401ae",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.13::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/acm-cluster-permission-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2e4e2180d5912535ac4914569e5e592a501260199cf5371b7d0ac9aec290d0e8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.13::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/klusterlet-addon-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0587333ddfc1f1b5df66948c16cfcea1043c538ddb6ebd6524c00310a41dde7c",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.13::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/acm-cluster-permission-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2e4e2180d5912535ac4914569e5e592a501260199cf5371b7d0ac9aec290d0e8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.13::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/cluster-backup-rhel9-operator",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:4e61bb2cc124f37ec9c009e9ee92bfa638ff608f2b28962abbe1ff5614b99155",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.13::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/klusterlet-addon-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0587333ddfc1f1b5df66948c16cfcea1043c538ddb6ebd6524c00310a41dde7c",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/acm-cluster-permission-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:05847c2e995e681bdcc3f809e76f512767f40ac4498c14fad4afb4cae83f33d1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/klusterlet-addon-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1b56fc6c4b897bb8a62b1fa176af6bace8282b2de38e3e69b5673c5ae3e6848c",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicloud-integrations-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:7bff1645296326504b40e17540b4b4c2e5aa86147799b61d1bda5757305d3683",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-application-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1eaf7740de439ed0f26e7abe5186d6422ad0304e7f7a62ff8f7d8b20d7b5f0ef",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-channel-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:7e394d47079a8bbe2a4a1f158725ddb6b6c7c184c48ee22dd8873b1b8e4e642f",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-subscription-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2f4d26918cf42cad318cc95935e4637e3912ef4454e91fa0e8f1d42dc185e8b6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicloud-integrations-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:46b615cf682815259b0c4b9e785d2f0b429726f75920f7ce9c31625ac86118b2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-application-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:55094fc781f35867d298ae9ee006113c78b086ce1263ccee2f0a94ec581c837b",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-channel-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:066f59015024fd839705ad52d1ce8a10e500040c3905b98bd5533e5dd0e268d7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"packageName": "rhacm2/multicluster-operators-subscription-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:91249fb15a33c0bf8b5bf3c0f236fd4fe272b9221f4fcfa6608e97ba5062c5f3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:931fcca9e7cb6f6c7454a72b533cbe4d767438e374848b846f079a3c2d323901",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-cli-rhel9",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0a88403bb113a735853cc289bad5c2b5e650e5f9d28e28cf635c2fef808025b1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-core-rhel9",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:109ce61c700758e5057d2b465c9820c05f2d51b8f541b70c1b1bcf39fc872d35",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:13454f2f70870d6765f740f36582cdf8139c9ed4c0c38e5f8981eea1374771ad",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0a0e70953d2217d929b55a7a7a4c1e49c7e5f6b196b693312c252bfec2dc3843",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:4c3a738aa7e83a7aea9161c4ef48624a275756531a3d67b13e59b600a4e644ea",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-metrics-exporter-rhel9",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2f3828b6ad0cdf73db157daaea35e750000f0aa2741b7e5aa679253ba76f098b",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:00cb6923e961942f4beabe19a6ad142dbff62929996728c664a1995fc76fcf8a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0d8ff43ca27a8ca5017fc136f9708c743043b72479bced7ce7a91c1057d92339",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cosi-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:8d131c609dea271df0cf754e7d28cdb79ad45012c5359f61b13713f9467c8e32",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0282d53fe18c9f427fc9af81fe64ceecd84cc4aee60878b0a0dfec76f3c6b2a9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:07fade8638107be11d2eb1fe76cd0e051627d85a28aa00e677e82764d94b9bee",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:37a3e93d30c7d2bcf8cd60dc52a9230bcb14baf10a13e3e01cdcb800eced0eec",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0fda299fc4af5af2365f1bc7b2155e6a109196218443a03e65eb1b117cbdeeae",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-must-gather-rhel9",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:70cc9a59178ea9d801fb8a06ac6bee6cf3b04ab6cefd9c66b52cb3cc88300f0e",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:9592e63b97947aa2f4a695c7c727bef327595d84350640a3dac51de86ef08e07",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2dd678e13edff8659bc429b59d9a4a8129c4dca61da8a2e623eabfadc99c35bd",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.14::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/rook-ceph-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.14",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1587bf92b7369eaefbf2828c324ceb585b3591c397fd1ecd59804875ab7cf64f",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1d75f5d047a30a5d80df63d6201cd5550c8aad5d000c079f9d8c9a5c62ae45ce",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-core-rhel9",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:308cd8acade8e07b3183bbe8735b724b866a7337491afc78967eecd2c812d5e3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:342ec40b4be75a43a6dc9bd86bdd684ffad05c04e177a173273f1d892e2501dd",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2012c48688b519ce45f08e1392fd886400a1782ea4bf942e434b4281cebca64e",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:08df676115e46d1dea0c175df6e56f4501aa79d9590ed9790e1d218994999839",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-metrics-exporter-rhel9",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:37cb9c23e27da0c54c36bd90bace10bc21406529568deb6436dfbb9bb686dfbb",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2afaf7feceda2596f257888a5cc5dd19293252da973d4988e00a21c50aa601c4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cli-rhel9",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:43232acc4c36c387bfcf4eff514d2bbac42c6baf4aa1a9921abd04f8a05ab6bd",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:02e2e6d8f4037d66a951af24d72a02cb1e41bce6a5c1f184fc6797c49f60fc75",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cosi-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:22c95138c3ca3d086227da3181548a73e86eb244670e0f6acf8ed9011883fdb2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2a3861eeb69808eea9cd1848e770a9f3b6e65ef44c8add47675a51e4d35edbfe",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0c5becf0a62d24cb986b0338432e30fa1952487392d3712d190c85f35300cd97",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:27b15f29e01661f7b6857e5da669d4b81f9f1cbcd97e186603552455d82d3152",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2823b76f7f6ab7583fbf6ef79520eaa6d3875cb569bd5d30e662cc3c06bfc68c",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-must-gather-rhel9",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0cef2dc6c500024d272d85c04ce671648c41d25ed00b4b1c40f9a5cc7c9aa24d",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:42bf30dbe0a237936719b62aa1087075e7b387998d2143c2a16a7b7c9960e9fc",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0db4c6508d18e6a8ad4197c666fe01ac772ad4e04f2a7f739aadf7168816e817",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/rook-ceph-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.15",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:f4a5e16ed21a930a510b5f695a645be2cb6bff1487f5865650fe3c0759e25689",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:28f2860ac1920009eda82fadd3bd134aa53e410974f257b2d700dd57a5ce55c8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-core-rhel9",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0a9ebf5ec13dc86adaf99a291d6d97f306e3d2c4efebe330efed45cb243a7eee",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:39b8896056e50856d726943e1fe5474737d00729e24c55ea19927516e7f663a0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2157276d6715734095eccf19ee2a3b8ee2610831e6db28db4d1549a45ef1226f",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:12de253d776c8a2b72966403179650aeee0ea3a4100be45a93b240fcf23ccc17",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-metrics-exporter-rhel9",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:57f81dbdd41c7ffba5d245a3cfff9192051443da9e77da67a54df4459f472a5a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:28fecbad41a6b90ed64ff1ed6d36acf4cf88a8f86131556d6d8ba35766c9a70e",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cli-rhel9",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:69ae289c4b1a9a51a25813d996d7f14794bcddc39df0512cc6e8effc6e32ad16",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:51e41acedaa776080b4f8a297d13d4f609839b834d929f4312a2c70afdb68329",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cosi-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0569ea1b4783e21b056242d9f2a40a548ff560a5ab957245444cc3770ed664db",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:271c19cfd3fa7295781909453024996f81d21cab5d875a8ce04c04e14ec78fb4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0e4f342bb1f967db85cd40ab3318966bbf011629276cc946c11cab721e091f4b",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2e5849819b5220b3b7c2185a1fe85b6d02151bc44aa5e582f7f0090d77cbb591",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:4af5cbf6944b170e3578f0e904a57acbdef4ce27b7dbd9629b2a4d7c0231330d",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-must-gather-rhel9",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0d7aed32d3447e3a3571b82f45a190221f48e224e70dcbb8ebc97b0172ca8544",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:a8c51e193d55d14f9ea4a897047478dfe63fec2b07de4306459fe92805063f8b",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:04037c00520f7f909565b6461455f0878a54d9f879b328708872c7f03bd24175",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.16::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/rook-ceph-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.16",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:875e86d19b02583156eb12fc726b5089a377403088389997383c0c986e3b2fc1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:4732e19283a907e1a987590a0815e4c7b95c80218864eb6ae7f0393867a28e2e",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0b3b8d6d1c0cd176ab61c529ab42e7a12720f6a42bf89ca1568656bdbc463310",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-core-rhel9",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2a9ecf79a8209fb80fc189c2a05b68ebb3874dd2e1c404361f3b26533188e6a1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:57597555a31a799fec3dfbdc43949a8b3b1fb9bc02ef8a7990982335ee94f71d",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:00d18b2cf2c778dc1f4a6ec4502038bec5138ef7624ef13a7360d48745a315f2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:4b3115829f2443bc90d15421da6e0679d7f9364639a46bd43aa858ec5e2109f7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-metrics-exporter-rhel9",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:e661ba3760dbd154ca7fcac8ceb39a50403664e712f43a93c4732b7e078de7aa",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:55e3e523175182a9f5536e3d331ad57596b5d28d51e7177efb875d16fa81ecc2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cli-rhel9",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:05e0499ac1613f5e1c7bcdca0a481a5fddc0497c48d36d6770f40e69eaa10ba1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0c3219a8065376f68178b94273c691afa37d5b2ab49f26e1f8167624a1487965",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cosi-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1feecf8d8b8d2cbc52990a41805d80b8681763b1e3f8302b2d1e210582b8f6cf",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:44cc96e8349dffd1258b7e1a2e3b80616a3452c6c15f3b34e1d8de66ddcaa4cc",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:05662182c4c1d373d36066294c7f927d63ef85c6f0922ced8612a2eb8bd7d925",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:63b810beca8b6ccc35d1a80c6f0c42d3b50adea67c25ab352f6514fb5d1461cb",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:6336c817d1bcbce9677ca5d525ceedd28789cbde1384cf7a606608168f4e0f10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-must-gather-rhel9",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:00b3718224bcd0b08300680b8cf5b5525cb959db13d607ee93c2f836b759501e",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:01d2635790a1a5aca7f20de055db2718c262e51ddba75aff9fab1488fd65ab20",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2a4c4141c97c71c8e1ee31da6acf1c80556eebf0b3f28eabae9eafffa1e251e3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.17::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/rook-ceph-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.17",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:8689f95dfb32aafea228ef08e290949cc3c31e6a2acbb0f66da02ef0cf84089c",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1690d6c99f4626289bcdd78c8521edffb61c91da1a45aa2eb2b6ab2af137b7c1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:5ee6284d6354e4e55f1ee7eb5a79b833aae6e31bf42bf185c4192e5d373f06e7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-core-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:87f5569806a8960520bab78d69514f2e2061b2ad69040cf7c164a5037c27e6bf",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:00bdcca61bc8765fbbc838deeb86392ce25c72f0170241c270484ec9b77bd263",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:37d0208891259e9d725fb4146d023c1f0cd0dafbff8e322b7c12621ea25f8c85",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2bd4927011a029a1dd7ba2baa2fdc759d431550879eddc8813d89cb44cdb2767",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-metrics-exporter-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:5aad1d226292a42c700e97575eec56040108869acdcb720a9c5b32d02a0035b3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2abd2d479416e66c6f85e4e883d5e4987bc38f476f907766374784107b89de9a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cli-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:0a5ac166f5ebddae21dcf2ce8a5932494209533ac4a92ff5551a402291f27ff9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:65176cfc11dcc49e7b175404475dd0fcd9ad14e3b3e8ab85816cf52d64c51512",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cosi-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:173a4998c70c4c8ff9d0d4f90fb48e8e3d3f8fbc4deeb4f742cbaa38dda61215",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:599bfb2b83e095f88d90a408d4e8bf66bf10070255c5d174ca9ed8668111d25f",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-sidecar-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:40f8584e7ed0be1742fc3d40ee639dfd5323e38c55c7fcae4146d4246abf6cf0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-console-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:116f99072859f76161266a538d92d7e19e3b463fc18e6084cf7faf7a6b311116",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:053ad72159390ad37825015b051252dc162f46ebeeab4866e1568af1f0084cab",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-must-gather-rhel9",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1645b8ebfe127ec4a9b8c7c7a2d2ae6723bf1c02d49920a7f579197e8d21366f",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:1d10099e7b5e3a3c4444569f6af365f90494c71b758aad1dad53f5aecf788ca5",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:2987990bc63fa58ced038084921bdf168a017bd0b94b296a7c79dc264388339a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/rook-ceph-rhel9-operator",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:25b4647a37692cde90c499460a62a78342827265992adc0740bef650028fc2df",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/addon-manager-rhel8",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unaffected",
"packageName": "multicluster-engine/clusterlifecycle-state-metrics-rhel8",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unaffected",
"packageName": "multicluster-engine/discovery-rhel8",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/hypershift-addon-rhel8-operator",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "affected",
"packageName": "multicluster-engine/hypershift-addon-rhel9-operator",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unaffected",
"packageName": "multicluster-engine/managedcluster-import-controller-rhel8",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/placement-rhel8",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/registration-operator-rhel8",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/registration-rhel8",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "unknown",
"packageName": "multicluster-engine/work-rhel8",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_globalhub"
],
"defaultStatus": "unaffected",
"packageName": "multicluster-globalhub/multicluster-globalhub-agent-rhel9",
"product": "Multicluster Global Hub",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_globalhub"
],
"defaultStatus": "unaffected",
"packageName": "multicluster-globalhub/multicluster-globalhub-manager-rhel9",
"product": "Multicluster Global Hub",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:multicluster_globalhub"
],
"defaultStatus": "unaffected",
"packageName": "multicluster-globalhub/multicluster-globalhub-rhel9-operator",
"product": "Multicluster Global Hub",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/acm-cluster-permission-rhel8",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/acm-governance-policy-framework-addon-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/cert-policy-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/config-policy-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/endpoint-monitoring-rhel9-operator",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/governance-policy-propagator-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/grafana-dashboard-loader-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/iam-policy-controller-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/klusterlet-addon-controller-rhel8",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/metrics-collector-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/multicloud-integrations-rhel8",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/multicluster-observability-rhel9-operator",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/multicluster-operators-application-rhel8",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unknown",
"packageName": "rhacm2/multicluster-operators-channel-rhel8",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/rbac-query-proxy-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "unaffected",
"packageName": "rhacm2/search-collector-rhel9",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "unaffected",
"packageName": "advanced-cluster-security/rhacs-rhel8-operator",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_registry:2"
],
"defaultStatus": "unknown",
"packageName": "apicurio/apicurio-registry-rhel8-operator",
"product": "Red Hat build of Apicurio Registry 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:apicurio_registry:3"
],
"defaultStatus": "unaffected",
"packageName": "apicurio/apicurio-registry-rhel8-operator",
"product": "Red Hat build of Apicurio Registry 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "affected",
"packageName": "fuse7/fuse-apicurito-rhel8-operator",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "compliance/openshift-compliance-rhel8-operator",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/cnf-tests-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/cnf-tests-rhel9",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/lifecycle-agent-operator-bundle",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "unaffected",
"packageName": "openshift4/topology-aware-lifecycle-manager-operator-bundle",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"packageName": "openshift4/ztp-site-generate-rhel8",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"packageName": "container-native-virtualization/cluster-network-addons-operator-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"packageName": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"packageName": "container-native-virtualization/kubevirt-tekton-tasks-cleanup-vm-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"packageName": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"packageName": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"packageName": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "unaffected",
"packageName": "container-native-virtualization/kubevirt-tekton-tasks-wait-for-vmi-status-rhel9",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:webterminal:1"
],
"defaultStatus": "unaffected",
"packageName": "web-terminal/web-terminal-exec-rhel9",
"product": "Red Hat Web Terminal",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:webterminal:1"
],
"defaultStatus": "unaffected",
"packageName": "web-terminal/web-terminal-rhel9-operator",
"product": "Red Hat Web Terminal",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Antony Di Scala, James Force, and Michael Whale for reporting this issue."
}
],
"datePublic": "2025-08-07T18:59:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.15.2 to scaffold their operator may still be impacted by this if the insecure user_setup script is still being used to build new container images. \n\nIn affected images, the /etc/passwd file is created during build time with group-writable permissions and a group ownership of root (gid=0). An attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-16T21:54:06.831Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHEA-2025:23406",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHEA-2025:23406"
},
{
"name": "RHEA-2025:23478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHEA-2025:23478"
},
{
"name": "RHEA-2026:0129",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHEA-2026:0129"
},
{
"name": "RHSA-2025:19332",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:19332"
},
{
"name": "RHSA-2025:19335",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:19335"
},
{
"name": "RHSA-2025:19958",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:19958"
},
{
"name": "RHSA-2025:19961",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:19961"
},
{
"name": "RHSA-2025:21368",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:21368"
},
{
"name": "RHSA-2025:21885",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:21885"
},
{
"name": "RHSA-2025:22415",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:22415"
},
{
"name": "RHSA-2025:22416",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:22416"
},
{
"name": "RHSA-2025:22418",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:22418"
},
{
"name": "RHSA-2025:22420",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:22420"
},
{
"name": "RHSA-2025:22683",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:22683"
},
{
"name": "RHSA-2025:22684",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:22684"
},
{
"name": "RHSA-2025:23528",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:23528"
},
{
"name": "RHSA-2025:23529",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:23529"
},
{
"name": "RHSA-2025:23542",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:23542"
},
{
"name": "RHSA-2026:0627",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0627"
},
{
"name": "RHSA-2026:0718",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0718"
},
{
"name": "RHSA-2026:0722",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0722"
},
{
"name": "RHSA-2026:0737",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:0737"
},
{
"name": "RHSA-2026:2572",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2572"
},
{
"name": "RHSA-2026:5633",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5633"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-7195"
},
{
"name": "RHBZ#2376300",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376300"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-04T08:54:01.878Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-08-07T18:59:00.000Z",
"value": "Made public."
}
],
"title": "Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd",
"workarounds": [
{
"lang": "en",
"value": "In Red Hat OpenShift Container Platform, the following default configurations reduce the impact of this vulnerability.\n\nSecurity Context Constraints (SCCs): The default SCC, Restricted-v2, applies several crucial security settings to containers. \n\nCapabilities: drop: ALL removes all Linux capabilities, including SETUID and SETGID. This prevents a process from changing its user or group ID, a common step in privilege escalation attacks. The SETUID and SETGID capabilities can also be dropped explicitly if other capabilities are still required.\n\nallowPrivilegeEscalation: false ensures that a process cannot gain more privileges than its parent process. This blocks attempts by a compromised container process to grant itself additional capabilities.\n\nSELinux Mandatory Access Control (MAC): Pods are required to run with a pre-allocated Multi-Category Security (MCS) label. This SELinux feature provides a strong layer of isolation between containers and from the host system. A properly configured SELinux policy can prevent a container escape, even if an attacker gains elevated permissions within the container itself.\n\nFilesystem Hardening: While not a default setting, a common security practice is to set readOnlyRootFilesystem: true in a container\u0027s security context. In this specific scenario, this configuration would prevent an attacker from modifying critical files like /etc/passwd, even if they managed to gain file-level write permissions."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-276: Incorrect Default Permissions"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-7195",
"datePublished": "2025-08-07T19:05:08.756Z",
"dateReserved": "2025-07-07T08:45:21.278Z",
"dateUpdated": "2026-04-16T21:54:06.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-7672 (GCVE-0-2025-7672)
Vulnerability from cvelistv5 – Published: 2025-07-15 07:23 – Updated: 2025-07-15 13:29
VLAI
Title
Stored-XSS possibility in Namo CrossEditor4
Summary
The improper default setting in JiranSoft CrossEditor4 on Windows, Linux, Unix (API modules) potentaily allows Stored XSS.
This issue affects CrossEditor4: from 4.0.0.01 before 4.6.0.23.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| JiranSoft | CrossEditor4 |
Affected:
4.0.0.01 , < 4.6.0.23
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7672",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-15T13:29:07.982744Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T13:29:17.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"API"
],
"platforms": [
"Windows",
"Linux",
"Unix"
],
"product": "CrossEditor4",
"vendor": "JiranSoft",
"versions": [
{
"lessThan": "4.6.0.23",
"status": "affected",
"version": "4.0.0.01",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "mndbok(\ucd5c\uc2b9\uc5f0, Choi Seung Yeon)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The improper default setting in JiranSoft CrossEditor4 on Windows, Linux, Unix (API modules) potentaily allows Stored XSS.\u003cbr\u003e\u003cp\u003eThis issue affects CrossEditor4: from 4.0.0.01 before 4.6.0.23.\u003c/p\u003e"
}
],
"value": "The improper default setting in JiranSoft CrossEditor4 on Windows, Linux, Unix (API modules) potentaily allows Stored XSS.\nThis issue affects CrossEditor4: from 4.0.0.01 before 4.6.0.23."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 2.3,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T07:23:20.499Z",
"orgId": "09832df1-09c1-45b4-8a85-16c601d30feb",
"shortName": "FSI"
},
"references": [
{
"url": "https://www.namoeditor.co.kr/crosseditor-summary"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stored-XSS possibility in Namo CrossEditor4",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "09832df1-09c1-45b4-8a85-16c601d30feb",
"assignerShortName": "FSI",
"cveId": "CVE-2025-7672",
"datePublished": "2025-07-15T07:23:20.499Z",
"dateReserved": "2025-07-15T00:09:54.849Z",
"dateUpdated": "2025-07-15T13:29:17.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-8069 (GCVE-0-2025-8069)
Vulnerability from cvelistv5 – Published: 2025-07-23 15:41 – Updated: 2025-10-14 17:56
VLAI
Title
Local Privilege Escalation Vulnerability in AWS Client VPN Windows Client
Summary
During the AWS Client VPN client installation on Windows devices, the install process references the C:\usr\local\windows-x86_64-openssl-localbuild\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If an admin user starts the AWS Client VPN client installation process, that code could be executed with root-level privileges. This issue does not affect Linux or Mac devices.
We recommend users discontinue any new installations of AWS Client VPN on Windows prior to version 5.2.2.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://aws.amazon.com/security/security-bulletin… | vendor-advisory |
| https://docs.aws.amazon.com/vpn/latest/clientvpn-… | patchrelease-notes |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| AWS | Client VPN |
Affected:
4.1.0
(semver)
Affected: 5.0.0 , < 5.2.2 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8069",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-23T16:21:42.324291Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T16:21:48.305Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Client VPN",
"vendor": "AWS",
"versions": [
{
"status": "affected",
"version": "4.1.0",
"versionType": "semver"
},
{
"lessThan": "5.2.2",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eDuring the AWS Client VPN client installation on Windows devices, the install process references the C:\\usr\\local\\windows-x86_64-openssl-localbuild\\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If an admin user starts the AWS Client VPN client installation process, that code could be executed with root-level privileges. This issue does not affect Linux or Mac devices. \u003c/p\u003e\u003cp\u003eWe recommend users discontinue any new installations of AWS Client VPN on Windows prior to version 5.2.2.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "During the AWS Client VPN client installation on Windows devices, the install process references the C:\\usr\\local\\windows-x86_64-openssl-localbuild\\ssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If an admin user starts the AWS Client VPN client installation process, that code could be executed with root-level privileges. This issue does not affect Linux or Mac devices. \n\nWe recommend users discontinue any new installations of AWS Client VPN on Windows prior to version 5.2.2."
}
],
"impacts": [
{
"capecId": "CAPEC-234",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-234 Hijacking a privileged process"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T17:56:39.471Z",
"orgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"shortName": "AMZN"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2025-014/"
},
{
"tags": [
"patch",
"release-notes"
],
"url": "https://docs.aws.amazon.com/vpn/latest/clientvpn-user/client-vpn-connect-windows-release-notes.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Local Privilege Escalation Vulnerability in AWS Client VPN Windows Client",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"assignerShortName": "AMZN",
"cveId": "CVE-2025-8069",
"datePublished": "2025-07-23T15:41:40.310Z",
"dateReserved": "2025-07-22T23:35:20.181Z",
"dateUpdated": "2025-10-14T17:56:39.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-8098 (GCVE-0-2025-8098)
Vulnerability from cvelistv5 – Published: 2025-08-18 20:05 – Updated: 2026-02-26 17:48
VLAI
Summary
An improper permission vulnerability was reported in Lenovo PC Manager that could allow a local attacker to escalate privileges.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | PC Manager |
Affected:
0 , < 5.1.120.7041
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8098",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-20T03:56:03.586769Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:48:29.736Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PC Manager",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "5.1.120.7041",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lenovo:pc_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.1.120.7041",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper permission vulnerability was reported in Lenovo PC Manager that could allow a local attacker to escalate privileges.\u003c/span\u003e"
}
],
"value": "An improper permission vulnerability was reported in Lenovo PC Manager that could allow a local attacker to escalate privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-18T20:05:41.030Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/430658"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate Lenovo PC Manager to version 5.1.120.7041 or later.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "Update Lenovo PC Manager to version 5.1.120.7041 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2025-8098",
"datePublished": "2025-08-18T20:05:41.030Z",
"dateReserved": "2025-07-23T18:34:57.912Z",
"dateUpdated": "2026-02-26T17:48:29.736Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-8421 (GCVE-0-2025-8421)
Vulnerability from cvelistv5 – Published: 2025-11-12 19:17 – Updated: 2025-11-12 21:03
VLAI
Summary
An improper default permission vulnerability was reported in Lenovo Dock Manager that, under certain conditions during installation, could allow an authenticated local user to redirect log files with elevated privileges.
Severity
6.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Lenovo | Dock Manager |
Affected:
0 , < 1.6.5.2
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8421",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T20:42:25.382658Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T21:03:45.571Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Dock Manager",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "1.6.5.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lenovo:dock_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.6.5.2",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Sheikh Rishad for reporting this issue."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper default permission vulnerability was reported in Lenovo Dock Manager that, under certain conditions during installation, could allow an authenticated local user to redirect log files with elevated privileges."
}
],
"value": "An improper default permission vulnerability was reported in Lenovo Dock Manager that, under certain conditions during installation, could allow an authenticated local user to redirect log files with elevated privileges."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T19:17:59.562Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-198729"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update Lenovo Dock Manager to version 1.5.2.5 or later.\u003cbr\u003e"
}
],
"value": "Update Lenovo Dock Manager to version 1.5.2.5 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.3.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2025-8421",
"datePublished": "2025-11-12T19:17:59.562Z",
"dateReserved": "2025-07-31T14:54:50.461Z",
"dateUpdated": "2025-11-12T21:03:45.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-8432 (GCVE-0-2025-8432)
Vulnerability from cvelistv5 – Published: 2025-10-27 10:08 – Updated: 2025-10-30 13:51
VLAI
Title
CentreonBI user account on the MBI server can execute commands as root by modifying script runned by the CRON
Summary
Incorrect Default Permissions vulnerability in Centreon Infra Monitoring (MBI modules) allows Embedding Scripts within Scripts by CentreonBI user account on the MBI server This issue affects Infra Monitoring: from 24.10.0 before 24.10.6, from 24.04.0 before 24.04.9, from 23.10.0 before 23.10.15.
Severity
8.4 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/centreon/centreon/releases | release-notes |
| https://thewatch.centreon.com/latest-security-bul… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Centreon | Infra Monitoring |
Affected:
24.10.0 , < 24.10.6
(custom)
Affected: 24.04.0 , < 24.04.9 (custom) Affected: 23.10.0 , < 23.10.15 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8432",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T15:10:22.447369Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T15:10:36.211Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"MBI"
],
"product": "Infra Monitoring",
"vendor": "Centreon",
"versions": [
{
"lessThan": "24.10.6",
"status": "affected",
"version": "24.10.0",
"versionType": "custom"
},
{
"lessThan": "24.04.9",
"status": "affected",
"version": "24.04.0",
"versionType": "custom"
},
{
"lessThan": "23.10.15",
"status": "affected",
"version": "23.10.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:centreon:infra_monitoring:*:*:*:*:*:*:*:*",
"versionEndExcluding": "24.10.6",
"versionStartIncluding": "24.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centreon:infra_monitoring:*:*:*:*:*:*:*:*",
"versionEndExcluding": "24.04.9",
"versionStartIncluding": "24.04.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:centreon:infra_monitoring:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.10.15",
"versionStartIncluding": "23.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stago"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect Default Permissions vulnerability in Centreon Infra Monitoring (MBI modules) allows Embedding Scripts within Scripts by\u0026nbsp;CentreonBI user account on the MBI server \u003cp\u003eThis issue affects Infra Monitoring: from 24.10.0 before 24.10.6, from 24.04.0 before 24.04.9, from 23.10.0 before 23.10.15.\u003c/p\u003e"
}
],
"value": "Incorrect Default Permissions vulnerability in Centreon Infra Monitoring (MBI modules) allows Embedding Scripts within Scripts by\u00a0CentreonBI user account on the MBI server This issue affects Infra Monitoring: from 24.10.0 before 24.10.6, from 24.04.0 before 24.04.9, from 23.10.0 before 23.10.15."
}
],
"impacts": [
{
"capecId": "CAPEC-19",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-19 Embedding Scripts within Scripts"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T13:51:12.045Z",
"orgId": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7",
"shortName": "Centreon"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://github.com/centreon/centreon/releases"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://thewatch.centreon.com/latest-security-bulletins-64/cve-2025-8432-centreon-mbi-high-severity-5180"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CentreonBI user account on the MBI server can execute commands as root by modifying script runned by the CRON",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "bd4443e6-1eef-43f3-9886-25fc9ceeaae7",
"assignerShortName": "Centreon",
"cveId": "CVE-2025-8432",
"datePublished": "2025-10-27T10:08:33.662Z",
"dateReserved": "2025-07-31T18:48:13.937Z",
"dateUpdated": "2025-10-30T13:51:12.045Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-8485 (GCVE-0-2025-8485)
Vulnerability from cvelistv5 – Published: 2025-11-12 19:18 – Updated: 2025-11-12 21:03
VLAI
Summary
An improper permissions vulnerability was reported in Lenovo App Store that could allow a local authenticated user to execute code with elevated privileges during installation of an application.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
1 reference
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8485",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T20:37:35.285150Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T21:03:39.691Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "App Store",
"vendor": "Lenovo",
"versions": [
{
"lessThan": "9.0.2530.1027",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lenovo:app_store:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.2530.1027",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lenovo thanks Wanjie from Huazhong University of Science and Technology for reporting this issue."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper permissions vulnerability was reported in Lenovo App Store that could allow a local authenticated user to execute code with elevated privileges during installation of an application."
}
],
"value": "An improper permissions vulnerability was reported in Lenovo App Store that could allow a local authenticated user to execute code with elevated privileges during installation of an application."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T19:18:28.696Z",
"orgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"shortName": "lenovo"
},
"references": [
{
"url": "https://iknow.lenovo.com.cn/detail/434329"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eUpdate Lenovo App Store Client to version 9.0.2530.1027 or later.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "Update Lenovo App Store Client to version 9.0.2530.1027 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.3.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "da227ddf-6e25-4b41-b023-0f976dcaca4b",
"assignerShortName": "lenovo",
"cveId": "CVE-2025-8485",
"datePublished": "2025-11-12T19:18:28.696Z",
"dateReserved": "2025-08-01T19:34:14.601Z",
"dateUpdated": "2025-11-12T21:03:39.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-8672 (GCVE-0-2025-8672)
Vulnerability from cvelistv5 – Published: 2025-08-11 12:21 – Updated: 2025-08-11 19:45 X_Open Source
VLAI
Title
TCC Bypass via Inherited Permissions in Bundled Interpreter in GIMP.app
Summary
MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions
granted by the user to the main application bundle. An attacker with local user access can
invoke this interpreter with arbitrary commands or scripts, leveraging the
application's previously granted TCC permissions to access user's files in privacy-protected folders without triggering user prompts. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of GIMP, potentially disguising attacker's malicious intent.
This issue has been fixed in 3.1.4.2 version of GIMP.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://gitlab.gnome.org/Infrastructure/gimp-maco… | product |
| https://cert.pl/en/posts/2025/08/tcc-bypass/ | third-party-advisory |
| https://www.jamf.com/blog/zero-day-tcc-bypass-dis… | technical-description |
| https://gitlab.gnome.org/GNOME/gimp/-/issues/13848 | issue-tracking |
Date Public
2025-08-11 12:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8672",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-11T19:45:01.431476Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-11T19:45:08.822Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "GIMP",
"repo": "https://gitlab.gnome.org/GNOME/gimp/",
"vendor": "GIMP",
"versions": [
{
"lessThan": "3.1.4.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Karol Mazurek - Afine Team"
}
],
"datePublic": "2025-08-11T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "MacOS version of GIMP bundles a \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePython\u003c/span\u003e interpreter that inherits the Transparency, Consent, and Control (TCC) permissions\ngranted by the user to the main application bundle. An attacker with local user access can\ninvoke this interpreter with arbitrary commands or scripts, leveraging the\napplication\u0027s previously granted TCC permissions to access user\u0027s files in privacy-protected folders without triggering user prompts. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of GIMP, potentially disguising attacker\u0027s malicious intent.\u003cbr\u003e\u003cbr\u003eThis issue has been fixed in 3.1.4.2 version of GIMP.\u003cbr\u003e"
}
],
"value": "MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions\ngranted by the user to the main application bundle. An attacker with local user access can\ninvoke this interpreter with arbitrary commands or scripts, leveraging the\napplication\u0027s previously granted TCC permissions to access user\u0027s files in privacy-protected folders without triggering user prompts. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of GIMP, potentially disguising attacker\u0027s malicious intent.\n\nThis issue has been fixed in 3.1.4.2 version of GIMP."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-11T15:13:02.758Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"product"
],
"url": "https://gitlab.gnome.org/Infrastructure/gimp-macos-build"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2025/08/tcc-bypass/"
},
{
"tags": [
"technical-description"
],
"url": "https://www.jamf.com/blog/zero-day-tcc-bypass-discovered-in-xcsset-malware/"
},
{
"tags": [
"issue-tracking"
],
"url": "https://gitlab.gnome.org/GNOME/gimp/-/issues/13848"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"x_open-source"
],
"title": "TCC Bypass via Inherited Permissions in Bundled Interpreter in GIMP.app",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2025-8672",
"datePublished": "2025-08-11T12:21:48.487Z",
"dateReserved": "2025-08-06T12:01:36.272Z",
"dateUpdated": "2025-08-11T19:45:08.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-8766 (GCVE-0-2025-8766)
Vulnerability from cvelistv5 – Published: 2026-03-13 02:48 – Updated: 2026-06-05 20:15
VLAI
Title
Noobaa-core: excessive permissions of /etc could lead to escalation of privilege in the noobaa-core container
Summary
A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container
Severity
6.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://access.redhat.com/security/cve/CVE-2025-8766 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2387265 | issue-trackingx_refsource_REDHAT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat | Red Hat Openshift Data Foundation 4 |
cpe:/a:redhat:openshift_data_foundation:4 |
Date Public
2026-03-13 02:37
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8766",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-13T14:13:26.491349Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T14:13:35.211Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4"
],
"defaultStatus": "unknown",
"packageName": "odf4/mcg-core-rhel8",
"product": "Red Hat Openshift Data Foundation 4",
"vendor": "Red Hat"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Antony Di Scala and Michael Whale for reporting this issue."
}
],
"datePublic": "2026-03-13T02:37:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container"
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T20:15:53.648Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-8766"
},
{
"name": "RHBZ#2387265",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387265"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-08-08T16:08:17.737Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-03-13T02:37:00.000Z",
"value": "Made public."
}
],
"title": "Noobaa-core: excessive permissions of /etc could lead to escalation of privilege in the noobaa-core container",
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-276: Incorrect Default Permissions"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-8766",
"datePublished": "2026-03-13T02:48:19.748Z",
"dateReserved": "2025-08-08T16:07:52.076Z",
"dateUpdated": "2026-06-05T20:15:53.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-9190 (GCVE-0-2025-9190)
Vulnerability from cvelistv5 – Published: 2025-08-26 12:22 – Updated: 2025-08-26 13:58 X_Open Source
VLAI
Title
TCC Bypass via misconfigured Node fuses in Cursor
Summary
The configuration of Cursor on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Cursor TCC (Transparency, Consent, and Control) permissions.
Acquired resource access is limited to previously granted permissions by the user. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of Cursor, potentially disguising attacker's malicious intent.
This issue was detected in 15.4.1 version of Cursor. Project maintainers decided not to fix this issue, because a scenario including a local attacker falls outside their defined threat model.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://afine.com/threat-of-tcc-bypasses-on-macos… | technical-description |
| https://github.com/cursor/cursor | product |
| https://cert.pl/posts/2025/08/tcc-bypass/ | third-party-advisory |
| https://github.com/cursor/cursor/security/advisor… | issue-tracking |
Date Public
2025-08-26 12:19
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-9190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-26T13:55:08.869238Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T13:58:15.556Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"MacOS"
],
"product": "Cursor",
"repo": "https://github.com/cursor/cursor",
"vendor": "Cursor",
"versions": [
{
"status": "affected",
"version": "15.4.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Karol Mazurek - AFINE Team"
}
],
"datePublic": "2025-08-26T12:19:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The configuration of Cursor on macOS, specifically the \"RunAsNode\" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Cursor TCC (Transparency, Consent, and Control) permissions. \u003cbr\u003eAcquired resource access is limited to previously granted permissions by the user. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of Cursor, potentially disguising attacker\u0027s malicious intent. \u003cbr\u003e\u003cbr\u003eThis issue was detected in 15.4.1 version of Cursor. Project maintainers decided not to fix this issue, because a scenario including a local attacker falls outside their defined threat model.\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "The configuration of Cursor on macOS, specifically the \"RunAsNode\" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Cursor TCC (Transparency, Consent, and Control) permissions. \nAcquired resource access is limited to previously granted permissions by the user. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of Cursor, potentially disguising attacker\u0027s malicious intent. \n\nThis issue was detected in 15.4.1 version of Cursor. Project maintainers decided not to fix this issue, because a scenario including a local attacker falls outside their defined threat model."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T12:22:59.617Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"technical-description"
],
"url": "https://afine.com/threat-of-tcc-bypasses-on-macos/#cooking-cursor-app"
},
{
"tags": [
"product"
],
"url": "https://github.com/cursor/cursor"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/posts/2025/08/tcc-bypass/"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/cursor/cursor/security/advisories/GHSA-xp8w-f7f4-r544"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"x_open-source"
],
"title": "TCC Bypass via misconfigured Node fuses in Cursor",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2025-9190",
"datePublished": "2025-08-26T12:22:59.617Z",
"dateReserved": "2025-08-19T16:54:31.345Z",
"dateUpdated": "2025-08-26T13:58:15.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-1
Phases: Architecture and Design, Operation
Description:
- The architecture needs to access and modification attributes for files to only those users who actually require those actions.
Mitigation ID: MIT-46
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
- Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs
In applications, particularly web applications, access to functionality is mitigated by an authorization framework. This framework maps Access Control Lists (ACLs) to elements of the application's functionality; particularly URL's for web apps. In the case that the administrator failed to specify an ACL for a particular element, an attacker may be able to access it with impunity. An attacker with the ability to access functionality not properly constrained by ACLs can obtain sensitive information and possibly compromise the entire application. Such an attacker can access resources that must be available only to users at a higher privilege level, can access management sections of the application, or can run queries for data that they otherwise not supposed to.
CAPEC-127: Directory Indexing
An adversary crafts a request to a target that results in the target listing/indexing the content of a directory as output. One common method of triggering directory contents as output is to construct a request containing a path that terminates in a directory name rather than a file name since many applications are configured to provide a list of the directory's contents when such a request is received. An adversary can use this to explore the directory tree on a target as well as learn the names of files. This can often end up revealing test files, backup files, temporary files, hidden files, configuration files, user accounts, script contents, as well as naming conventions, all of which can be used by an attacker to mount additional attacks.
CAPEC-81: Web Server Logs Tampering
Web Logs Tampering attacks involve an attacker injecting, deleting or otherwise tampering with the contents of web logs typically for the purposes of masking other malicious behavior. Additionally, writing malicious data to log files may target jobs, filters, reports, and other agents that process the logs in an asynchronous attack pattern. This pattern of attack is similar to "Log Injection-Tampering-Forging" except that in this case, the attack is targeting the logs of the web server and not the application.