Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-28362
Vulnerability from cvelistv5
Published
2025-01-09 00:33
Modified
2025-01-09 21:28
Severity ?
EPSS score ?
Summary
The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Rails | Action Pack |
Version: 7.0.5.1 < 7.0.5.1 Version: 6.1.7.4 < 6.1.7.4 |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28362",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T21:26:42.827377Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "CWE-116 Improper Encoding or Escaping of Output",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T21:28:00.488Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Action Pack",
"vendor": "Rails",
"versions": [
{
"lessThan": "7.0.5.1",
"status": "affected",
"version": "7.0.5.1",
"versionType": "custom"
},
{
"lessThan": "6.1.7.4",
"status": "affected",
"version": "6.1.7.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header."
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T00:33:47.730Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to-redirect-to/83132"
},
{
"url": "https://github.com/advisories/GHSA-4g8v-vg43-wpgf"
},
{
"url": "https://github.com/rails/rails/commit/1c3f93d1e90a3475f9ae2377ead25ccf11f71441"
},
{
"url": "https://github.com/rails/rails/commit/69e37c84e3f77d75566424c7d0015172d6a6fac5"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-28362",
"datePublished": "2025-01-09T00:33:47.730Z",
"dateReserved": "2023-03-15T01:00:13.221Z",
"dateUpdated": "2025-01-09T21:28:00.488Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-28362\",\"sourceIdentifier\":\"support@hackerone.com\",\"published\":\"2025-01-09T01:15:07.750\",\"lastModified\":\"2025-01-09T22:15:26.737\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header.\"},{\"lang\":\"es\",\"value\":\"El m\u00e9todo redirect_to method in Rails permite que los valores proporcionados contengan caracteres que no son legales en un valor de encabezado HTTP. Esto genera la posibilidad de que los servicios posteriores que aplican el cumplimiento de RFC en los encabezados de respuesta HTTP eliminen el encabezado de ubicaci\u00f3n asignado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":4.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.5,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-116\"}]}],\"references\":[{\"url\":\"https://discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to-redirect-to/83132\",\"source\":\"support@hackerone.com\"},{\"url\":\"https://github.com/advisories/GHSA-4g8v-vg43-wpgf\",\"source\":\"support@hackerone.com\"},{\"url\":\"https://github.com/rails/rails/commit/1c3f93d1e90a3475f9ae2377ead25ccf11f71441\",\"source\":\"support@hackerone.com\"},{\"url\":\"https://github.com/rails/rails/commit/69e37c84e3f77d75566424c7d0015172d6a6fac5\",\"source\":\"support@hackerone.com\"}]}}"
}
}
gsd-2023-28362
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-28362",
"id": "GSD-2023-28362"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-28362"
],
"id": "GSD-2023-28362",
"modified": "2023-12-13T01:20:48.258223Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-28362",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c6.1.7.4||\u003e=7.0.0 \u003c7.0.5.1",
"affected_versions": "All versions before 6.1.7.4, all versions starting from 7.0.0 before 7.0.5.1",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-937"
],
"date": "2023-06-29",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) in actionpack.",
"fixed_versions": [
"6.1.7.4",
"7.0.5.1"
],
"identifier": "CVE-2023-28362",
"identifiers": [
"GHSA-4g8v-vg43-wpgf",
"CVE-2023-28362"
],
"not_impacted": "All versions starting from 6.1.7.4 before 7.0.0, all versions starting from 7.0.5.1",
"package_slug": "gem/actionpack",
"pubdate": "2023-06-29",
"solution": "Upgrade to versions 6.1.7.4, 7.0.5.1 or above.",
"title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"urls": [
"https://github.com/rails/rails/commit/1c3f93d1e90a3475f9ae2377ead25ccf11f71441",
"https://github.com/rails/rails/commit/c9ab9b32bcdcfd8bcd55907f6c7b20b4e004cc23",
"https://discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to-redirect-to/83132",
"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-28362.yml",
"https://github.com/advisories/GHSA-4g8v-vg43-wpgf"
],
"uuid": "510055e2-5d1d-4125-aed9-b31bc94a97fe"
}
]
}
}
}
rhsa-2023_7851
Vulnerability from csaf_redhat
Published
2023-12-14 16:30
Modified
2024-12-18 09:31
Summary
Red Hat Security Advisory: Satellite 6.14.1 Async Security Update
Notes
Topic
Updated Satellite 6.14 packages that fixes Important security bugs and several
regular bugs are now available for Red Hat Satellite.
Details
Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security fix(es):
* rubygem-actionpack: actionpack: Possible XSS via User Supplied Values to redirect_to [rhn_satellite_6.14] (CVE-2023-28362)
* foreman: World readable file containing secrets [rhn_satellite_6.14] (CVE-2023-4886)
* python-urllib3: urllib3: Request body not stripped after redirect from 303 status changes request method to GET [rhn_satellite_6-default] (CVE-2023-45803 )
* python-gitpython: GitPython: Blind local file inclusion [rhn_satellite_6-default] (CVE-2023-41040)
This update fixes the following bugs:
2250342 - REX job finished with exit code 0 but the script failed on client side due to no space.
2250343 - Selinux denials are reported after following "Chapter 13. Managing Custom File Type Content" chapter step by step
2250344 - Long running postgres threads during content-export
2250345 - Upgrade django-import-export package to at least 3.1.0
2250349 - After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync
2250350 - Slow generate applicability for Hosts with multiple modulestreams installed
2250352 - Recalculate button for Errata is not available on Satellite 6.13/ Satellite 6.14 if no errata is present
2250351 - Actions::ForemanLeapp::PreupgradeJob fails with null value in column "preupgrade_report_id" violates not-null constraint when run with non-admin user
2251799 - REX Template for 'convert2rhel analyze' command
2254085 - Getting '/usr/sbin/foreman-rake db:migrate' returned 1 instead of one of [0] ERROR while trying to upgrade Satellite 6.13 to 6.14
2254080 - satellite-convert2rhel-toolkit rpm v1.0.0 in 6.14.z
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Satellite 6.14 packages that fixes Important security bugs and several\nregular bugs are now available for Red Hat Satellite.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity fix(es):\n\n* rubygem-actionpack: actionpack: Possible XSS via User Supplied Values to redirect_to [rhn_satellite_6.14] (CVE-2023-28362)\n\n* foreman: World readable file containing secrets [rhn_satellite_6.14] (CVE-2023-4886)\n\n* python-urllib3: urllib3: Request body not stripped after redirect from 303 status changes request method to GET [rhn_satellite_6-default] (CVE-2023-45803 )\n\n* python-gitpython: GitPython: Blind local file inclusion [rhn_satellite_6-default] (CVE-2023-41040)\n\nThis update fixes the following bugs:\n\n2250342 - REX job finished with exit code 0 but the script failed on client side due to no space.\n2250343 - Selinux denials are reported after following \"Chapter 13. Managing Custom File Type Content\" chapter step by step\n2250344 - Long running postgres threads during content-export\n2250345 - Upgrade django-import-export package to at least 3.1.0\n2250349 - After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync\n2250350 - Slow generate applicability for Hosts with multiple modulestreams installed\n2250352 - Recalculate button for Errata is not available on Satellite 6.13/ Satellite 6.14 if no errata is present\n2250351 - Actions::ForemanLeapp::PreupgradeJob fails with null value in column \"preupgrade_report_id\" violates not-null constraint when run with non-admin user\n2251799 - REX Template for \u0027convert2rhel analyze\u0027 command\n2254085 - Getting \u0027/usr/sbin/foreman-rake db:migrate\u0027 returned 1 instead of one of [0] ERROR while trying to upgrade Satellite 6.13 to 6.14 \n2254080 - satellite-convert2rhel-toolkit rpm v1.0.0 in 6.14.z\n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:7851",
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_red_hat_satellite_to_6.14/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.14/html/upgrading_red_hat_satellite_to_6.14/index"
},
{
"category": "external",
"summary": "2217785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217785"
},
{
"category": "external",
"summary": "2230135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
},
{
"category": "external",
"summary": "2246840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246840"
},
{
"category": "external",
"summary": "2247040",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247040"
},
{
"category": "external",
"summary": "2250342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250342"
},
{
"category": "external",
"summary": "2250343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250343"
},
{
"category": "external",
"summary": "2250344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250344"
},
{
"category": "external",
"summary": "2250345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250345"
},
{
"category": "external",
"summary": "2250349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250349"
},
{
"category": "external",
"summary": "2250350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250350"
},
{
"category": "external",
"summary": "2250351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250351"
},
{
"category": "external",
"summary": "2250352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250352"
},
{
"category": "external",
"summary": "2251799",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251799"
},
{
"category": "external",
"summary": "2254080",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254080"
},
{
"category": "external",
"summary": "2254085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254085"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_7851.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.14.1 Async Security Update",
"tracking": {
"current_release_date": "2024-12-18T09:31:25+00:00",
"generator": {
"date": "2024-12-18T09:31:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2023:7851",
"initial_release_date": "2023-12-14T16:30:08+00:00",
"revision_history": [
{
"date": "2023-12-14T16:30:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-12-14T16:30:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T09:31:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.14::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.14::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.14::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "createrepo_c-0:1.0.2-2.el8pc.src",
"product": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src",
"product_id": "createrepo_c-0:1.0.2-2.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.7.0.10-1.el8sat.src",
"product": {
"name": "foreman-0:3.7.0.10-1.el8sat.src",
"product_id": "foreman-0:3.7.0.10-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.7.0.10-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"product": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"product_id": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.7.0.5-1.el8sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-django-import-export-0:3.1.0-1.el8pc.src",
"product": {
"name": "python-django-import-export-0:3.1.0-1.el8pc.src",
"product_id": "python-django-import-export-0:3.1.0-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-django-import-export@3.1.0-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"product": {
"name": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"product_id": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-gitpython@3.1.40-0.1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulpcore-0:3.22.19-1.el8pc.src",
"product": {
"name": "python-pulpcore-0:3.22.19-1.el8pc.src",
"product_id": "python-pulpcore-0:3.22.19-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulpcore@3.22.19-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"product": {
"name": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"product_id": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pulp-rpm@3.19.11-2.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"product": {
"name": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"product_id": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-urllib3@1.26.18-0.1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actioncable@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailbox@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailer@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actiontext@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionview@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activejob@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activemodel@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activestorage@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-rails-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rails@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.src",
"product": {
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.src",
"product_id": "rubygem-railties-0:6.1.7.4-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-railties@6.1.7.4-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"product": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"product_id": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-smart_proxy_remote_execution_ssh@0.10.2-2.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.14.1-1.el8sat.src",
"product": {
"name": "satellite-0:6.14.1-1.el8sat.src",
"product_id": "satellite-0:6.14.1-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.14.1-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"product": {
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"product_id": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_remote_execution@10.1.2-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.src",
"product": {
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.src",
"product_id": "rubygem-katello-0:4.9.0.18-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.18-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"product": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"product_id": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulpcore-selinux@2.0.0-1.el8pc?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"product": {
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"product_id": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_leapp@1.1.0-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"product": {
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"product_id": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.0-1.el8sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-libs@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_id": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-createrepo_c@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-debugsource@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/createrepo_c-libs-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_id": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-createrepo_c-debuginfo@1.0.2-2.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"product": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"product_id": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pulpcore-selinux@2.0.0-1.el8pc?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64",
"product": {
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64",
"product_id": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-convert2rhel-toolkit@1.0.0-1.el8sat?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"product": {
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"product_id": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.7.0.10-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"product": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"product_id": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer@3.7.0.5-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"product": {
"name": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"product_id": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-installer-katello@3.7.0.5-1.el8sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"product": {
"name": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"product_id": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-django-import-export@3.1.0-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"product": {
"name": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"product_id": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-gitpython@3.1.40-0.1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"product": {
"name": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"product_id": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulpcore@3.22.19-1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"product": {
"name": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"product_id": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-pulp-rpm@3.19.11-2.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"product": {
"name": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"product_id": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python39-urllib3@1.26.18-0.1.el8pc?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actioncable@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailbox@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionmailer@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionpack@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actiontext@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-actionview@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activejob@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activemodel@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activerecord@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activestorage@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-activesupport@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rails@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"product": {
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"product_id": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-railties@6.1.7.4-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"product": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"product_id": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-smart_proxy_remote_execution_ssh@0.10.2-2.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"product_id": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.14.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"product_id": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.14.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.14.1-1.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.14.1-1.el8sat.noarch",
"product_id": "satellite-common-0:6.14.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.14.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.14.1-1.el8sat.noarch",
"product": {
"name": "satellite-0:6.14.1-1.el8sat.noarch",
"product_id": "satellite-0:6.14.1-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.14.1-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"product_id": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_remote_execution@10.1.2-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"product_id": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_remote_execution-cockpit@10.1.2-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"product": {
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"product_id": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.9.0.18-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"product": {
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"product_id": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_leapp@1.1.0-1.el8sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src"
},
"product_reference": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64"
},
"product_reference": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-django-import-export-0:3.1.0-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src"
},
"product_reference": "python-django-import-export-0:3.1.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gitpython-0:3.1.40-0.1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src"
},
"product_reference": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.19.11-2.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.22.19-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src"
},
"product_reference": "python-pulpcore-0:3.22.19-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-urllib3-0:1.26.18-0.1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src"
},
"product_reference": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-django-import-export-0:3.1.0-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch"
},
"product_reference": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch"
},
"product_reference": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch"
},
"product_reference": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulpcore-0:3.22.19-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch"
},
"product_reference": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch"
},
"product_reference": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch"
},
"product_reference": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src"
},
"product_reference": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.7.0.10-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src"
},
"product_reference": "foreman-0:3.7.0.10-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-1:3.7.0.5-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src"
},
"product_reference": "foreman-installer-1:3.7.0.5-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch"
},
"product_reference": "foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src"
},
"product_reference": "pulpcore-selinux-0:2.0.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64"
},
"product_reference": "pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-django-import-export-0:3.1.0-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src"
},
"product_reference": "python-django-import-export-0:3.1.0-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-gitpython-0:3.1.40-0.1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src"
},
"product_reference": "python-gitpython-0:3.1.40-0.1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulp-rpm-0:3.19.11-2.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src"
},
"product_reference": "python-pulp-rpm-0:3.19.11-2.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pulpcore-0:3.22.19-1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src"
},
"product_reference": "python-pulpcore-0:3.22.19-1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-urllib3-0:1.26.18-0.1.el8pc.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src"
},
"product_reference": "python-urllib3-0:1.26.18-0.1.el8pc.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64"
},
"product_reference": "python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-django-import-export-0:3.1.0-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch"
},
"product_reference": "python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch"
},
"product_reference": "python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch"
},
"product_reference": "python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-pulpcore-0:3.22.19-1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch"
},
"product_reference": "python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch"
},
"product_reference": "python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-actionview-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activejob-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src"
},
"product_reference": "rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src"
},
"product_reference": "rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch"
},
"product_reference": "rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch"
},
"product_reference": "rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.9.0.18-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src"
},
"product_reference": "rubygem-katello-0:4.9.0.18-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rails-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-rails-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch"
},
"product_reference": "rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-railties-0:6.1.7.4-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src"
},
"product_reference": "rubygem-railties-0:6.1.7.4-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch"
},
"product_reference": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src"
},
"product_reference": "rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.14.1-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src"
},
"product_reference": "satellite-0:6.14.1-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.14.1-1.el8sat.noarch as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.14.1-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src"
},
"product_reference": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64 as a component of Red Hat Satellite 6.14 for RHEL 8",
"product_id": "8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
},
"product_reference": "satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64",
"relates_to_product_reference": "8Base-satellite-6.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-4886",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-08-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2230135"
}
],
"notes": [
{
"category": "description",
"text": "A sensitive information exposure vulnerability was found in foreman. Contents of tomcat\u0027s server.xml file, which contain passwords to candlepin\u0027s keystore and truststore, were found to be world readable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "foreman: World readable file containing secrets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has a limited impact on security, as candlepin\u0027s individual stores\u0027 privileges are limited to root and tomcat only. Therefore, the impact is limited to highly privileged users.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-4886"
},
{
"category": "external",
"summary": "RHBZ#2230135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230135"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-4886",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4886"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4886"
}
],
"release_date": "2023-10-03T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "foreman: World readable file containing secrets"
},
{
"cve": "CVE-2023-28362",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-06-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2217785"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site Scripting (XSS) vulnerability was found in Actionpack due to improper sanitization of user-supplied values. This allows provided values to contain characters that are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned location header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "actionpack: Possible XSS via User Supplied Values to redirect_to",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28362"
},
{
"category": "external",
"summary": "RHBZ#2217785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2217785"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28362",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28362"
},
{
"category": "external",
"summary": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-28362.yml",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-28362.yml"
}
],
"release_date": "2023-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "actionpack: Possible XSS via User Supplied Values to redirect_to"
},
{
"cve": "CVE-2023-41040",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2023-10-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2247040"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in GitPython due to an input validation error when reading from the \".git\" directory. This issue may allow a remote attacker to prepare a specially crafted \".git\" file with directory traversal characters in file names and force the application to read these files from the local system, which can result in checking for the existence of a specific file on the system or allow a denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GitPython: Blind local file inclusion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability cannot be used to read the contents of files but could be used to trigger a denial of service for the program.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-41040"
},
{
"category": "external",
"summary": "RHBZ#2247040",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247040"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-41040",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-41040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-41040"
},
{
"category": "external",
"summary": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c",
"url": "https://github.com/gitpython-developers/GitPython/security/advisories/GHSA-cwvm-v4w8-q58c"
}
],
"release_date": "2023-08-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "GitPython: Blind local file inclusion"
},
{
"cve": "CVE-2023-43804",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242493"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, a user-friendly HTTP client library for Python. urllib3 doesn\u0027t treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, which is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn\u0027t disable redirects explicitly.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-urllib3: Cookie request header isn\u0027t stripped during cross-origin redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-43804"
},
{
"category": "external",
"summary": "RHBZ#2242493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242493"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-43804",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-43804"
}
],
"release_date": "2023-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-urllib3: Cookie request header isn\u0027t stripped during cross-origin redirects"
},
{
"cve": "CVE-2023-45803",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2023-10-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2246840"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn\u0027t remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as `POST` to `GET`, as is required by HTTP RFCs. This issue requires a previously trusted service to become compromised in order to have an impact on confidentiality, therefore, the exploitability of this vulnerability is low. Additionally, many users aren\u0027t putting sensitive data in HTTP request bodies; if this is the case, this vulnerability isn\u0027t exploitable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: Request body not stripped after redirect from 303 status changes request method to GET",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Both of the following conditions must be true to be affected by this vulnerability: \n1. Using urllib3 and submitting sensitive information in the HTTP request body such as form data or JSON\n2. The origin service is compromised and starts redirecting using 301, 302, or 303 to a malicious peer or the redirected-to service becomes compromised",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch"
],
"known_not_affected": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45803"
},
{
"category": "external",
"summary": "RHBZ#2246840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2246840"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45803",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45803"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9",
"url": "https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#name-get",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#name-get"
}
],
"release_date": "2023-10-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-12-14T16:30:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
},
{
"category": "workaround",
"details": "Users unable to update should disable redirects for services that aren\u0027t expecting to respond with redirects with `redirects=False`, disable automatic redirects with `redirects=False`, and handle 301, 302, and 303 redirects manually by stripping the HTTP request body.",
"product_ids": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14-capsule:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14-capsule:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14-capsule:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14-capsule:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14-capsule:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14-capsule:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14-capsule:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14-capsule:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-capsule:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-capsule:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14-utils:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14-utils:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14-utils:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.src",
"8Base-satellite-6.14:createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-debugsource-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:createrepo_c-libs-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-0:3.7.0.10-1.el8sat.src",
"8Base-satellite-6.14:foreman-cli-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-debug-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-dynflow-sidekiq-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ec2-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-installer-1:3.7.0.5-1.el8sat.src",
"8Base-satellite-6.14:foreman-installer-katello-1:3.7.0.5-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-journald-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-libvirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-openstack-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-ovirt-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-postgresql-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-redis-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-service-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-telemetry-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:foreman-vmware-0:3.7.0.10-1.el8sat.noarch",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.src",
"8Base-satellite-6.14:pulpcore-selinux-0:2.0.0-1.el8pc.x86_64",
"8Base-satellite-6.14:python-django-import-export-0:3.1.0-1.el8pc.src",
"8Base-satellite-6.14:python-gitpython-0:3.1.40-0.1.el8pc.src",
"8Base-satellite-6.14:python-pulp-rpm-0:3.19.11-2.el8pc.src",
"8Base-satellite-6.14:python-pulpcore-0:3.22.19-1.el8pc.src",
"8Base-satellite-6.14:python-urllib3-0:1.26.18-0.1.el8pc.src",
"8Base-satellite-6.14:python3-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python3-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-createrepo_c-debuginfo-0:1.0.2-2.el8pc.x86_64",
"8Base-satellite-6.14:python39-django-import-export-0:3.1.0-1.el8pc.noarch",
"8Base-satellite-6.14:python39-gitpython-0:3.1.40-0.1.el8pc.noarch",
"8Base-satellite-6.14:python39-pulp-rpm-0:3.19.11-2.el8pc.noarch",
"8Base-satellite-6.14:python39-pulpcore-0:3.22.19-1.el8pc.noarch",
"8Base-satellite-6.14:python39-urllib3-0:1.26.18-0.1.el8pc.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actioncable-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailbox-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionmailer-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionpack-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actiontext-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-actionview-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activejob-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activemodel-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activerecord-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activestorage-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-activesupport-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_leapp-0:1.1.0-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-0:10.1.2-1.el8sat.src",
"8Base-satellite-6.14:rubygem-foreman_remote_execution-cockpit-0:10.1.2-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-katello-0:4.9.0.18-1.el8sat.src",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-rails-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.noarch",
"8Base-satellite-6.14:rubygem-railties-0:6.1.7.4-1.el8sat.src",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.noarch",
"8Base-satellite-6.14:rubygem-smart_proxy_remote_execution_ssh-0:0.10.2-2.el8sat.src",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-0:6.14.1-1.el8sat.src",
"8Base-satellite-6.14:satellite-capsule-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-cli-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-common-0:6.14.1-1.el8sat.noarch",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.src",
"8Base-satellite-6.14:satellite-convert2rhel-toolkit-0:1.0.0-1.el8sat.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "urllib3: Request body not stripped after redirect from 303 status changes request method to GET"
}
]
}
WID-SEC-W-2023-2101
Vulnerability from csaf_certbund
Published
2023-08-20 22:00
Modified
2023-08-20 22:00
Summary
genua genucenter: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
genucenter bietet eine zentrale und rollenbasierte Administration der Lösungen von genua.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in genua genucenter ausnutzen, um Informationen offenzulegen, Dateien zu manipulieren, um Cross-Site Scripting Angriffe durchzuführen oder um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Hardware Appliance
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "genucenter bietet eine zentrale und rollenbasierte Administration der L\u00f6sungen von genua.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in genua genucenter ausnutzen, um Informationen offenzulegen, Dateien zu manipulieren, um Cross-Site Scripting Angriffe durchzuf\u00fchren oder um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Hardware Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2101 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2101.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2101 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2101"
},
{
"category": "external",
"summary": "genua Kundencenter vom 2023-08-20",
"url": "https://kunde.genua.de/nc/suche/view/neuer-patch-genucenter-80p6-verfuegbar.html?tx_genusupport_content%5Bidentity%5D=0\u0026tx_genusupport_content%5BsearchTerm%5D=\u0026tx_genusupport_content%5BforcePath%5D=\u0026tx_genusupport_content%5Baction%5D=genuSupportSearch\u0026tx_genusupport_content%5Bcontroller%5D=Content"
}
],
"source_lang": "en-US",
"title": "genua genucenter: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-08-20T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:57:15.711+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2101",
"initial_release_date": "2023-08-20T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-08-20T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "genua genucenter \u003c 8.0 patch 6",
"product": {
"name": "genua genucenter \u003c 8.0 patch 6",
"product_id": "T029421",
"product_identification_helper": {
"cpe": "cpe:/h:genua:genucenter:8.0:patch_6"
}
}
}
],
"category": "vendor",
"name": "genua"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-32001",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-32001"
},
{
"cve": "CVE-2023-29469",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-29469"
},
{
"cve": "CVE-2023-28484",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-28484"
},
{
"cve": "CVE-2023-28362",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-28362"
},
{
"cve": "CVE-2023-27539",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-27539"
},
{
"cve": "CVE-2023-27530",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-27530"
},
{
"cve": "CVE-2023-27320",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-27320"
},
{
"cve": "CVE-2023-23916",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-23916"
},
{
"cve": "CVE-2023-23915",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-23915"
},
{
"cve": "CVE-2023-23914",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-23914"
},
{
"cve": "CVE-2023-23913",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-23913"
},
{
"cve": "CVE-2023-22799",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-22799"
},
{
"cve": "CVE-2023-22796",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-22796"
},
{
"cve": "CVE-2023-22795",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-22795"
},
{
"cve": "CVE-2023-22794",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-22794"
},
{
"cve": "CVE-2023-22792",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-22792"
},
{
"cve": "CVE-2022-44566",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2022-44566"
},
{
"cve": "CVE-2021-28092",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2021-28092"
}
]
}
wid-sec-w-2023-1577
Vulnerability from csaf_certbund
Published
2023-06-27 22:00
Modified
2023-12-14 23:00
Summary
Ruby on Rails: Schwachstelle ermöglicht Cross-Site Scripting
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Ruby on Rails ist ein in der Programmiersprache Ruby geschriebenes und quelloffenes Web Application Framework.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Ruby on Rails ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "niedrig"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Ruby on Rails ist ein in der Programmiersprache Ruby geschriebenes und quelloffenes Web Application Framework.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Ruby on Rails ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1577 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1577.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1577 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1577"
},
{
"category": "external",
"summary": "Ruby Security Announcements vom 2023-06-27",
"url": "https://discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to-redirect-to/83132"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3229-1 vom 2023-08-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/015808.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3255-1 vom 2023-08-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/015832.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7037764 vom 2023-09-22",
"url": "https://www.ibm.com/support/pages/node/7037764"
},
{
"category": "external",
"summary": "IBM Security Bulletin 1126755 vom 2023-10-16",
"url": "https://www.ibm.com/support/pages/node/1126755"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7851 vom 2023-12-15",
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
}
],
"source_lang": "en-US",
"title": "Ruby on Rails: Schwachstelle erm\u00f6glicht Cross-Site Scripting",
"tracking": {
"current_release_date": "2023-12-14T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:53:08.415+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1577",
"initial_release_date": "2023-06-27T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-06-27T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-08-08T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-08-09T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-09-21T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-10-16T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-12-14T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM License Metric Tool 9.2",
"product": {
"name": "IBM License Metric Tool 9.2",
"product_id": "T027649",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:license_metric_tool:9.2"
}
}
},
{
"category": "product_name",
"name": "IBM License Metric Tool \u003c 9.2.33",
"product": {
"name": "IBM License Metric Tool \u003c 9.2.33",
"product_id": "T030111",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:license_metric_tool:9.2.33"
}
}
}
],
"category": "product_name",
"name": "License Metric Tool"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Open Source Ruby on Rails \u003c 7.0.5.1",
"product": {
"name": "Open Source Ruby on Rails \u003c 7.0.5.1",
"product_id": "T028335",
"product_identification_helper": {
"cpe": "cpe:/a:rubyonrails:ruby_on_rails:7.0.5.1"
}
}
},
{
"category": "product_name",
"name": "Open Source Ruby on Rails \u003c 6.1.7.4",
"product": {
"name": "Open Source Ruby on Rails \u003c 6.1.7.4",
"product_id": "T028336",
"product_identification_helper": {
"cpe": "cpe:/a:rubyonrails:ruby_on_rails:6.1.7.4"
}
}
}
],
"category": "product_name",
"name": "Ruby on Rails"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-28362",
"notes": [
{
"category": "description",
"text": "In Ruby on Rails existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T030111",
"T002207",
"T027649",
"67646"
]
},
"release_date": "2023-06-27T22:00:00.000+00:00",
"title": "CVE-2023-28362"
}
]
}
WID-SEC-W-2023-1577
Vulnerability from csaf_certbund
Published
2023-06-27 22:00
Modified
2023-12-14 23:00
Summary
Ruby on Rails: Schwachstelle ermöglicht Cross-Site Scripting
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Ruby on Rails ist ein in der Programmiersprache Ruby geschriebenes und quelloffenes Web Application Framework.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Ruby on Rails ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "niedrig"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Ruby on Rails ist ein in der Programmiersprache Ruby geschriebenes und quelloffenes Web Application Framework.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Ruby on Rails ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1577 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1577.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1577 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1577"
},
{
"category": "external",
"summary": "Ruby Security Announcements vom 2023-06-27",
"url": "https://discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to-redirect-to/83132"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3229-1 vom 2023-08-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/015808.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3255-1 vom 2023-08-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-August/015832.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7037764 vom 2023-09-22",
"url": "https://www.ibm.com/support/pages/node/7037764"
},
{
"category": "external",
"summary": "IBM Security Bulletin 1126755 vom 2023-10-16",
"url": "https://www.ibm.com/support/pages/node/1126755"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7851 vom 2023-12-15",
"url": "https://access.redhat.com/errata/RHSA-2023:7851"
}
],
"source_lang": "en-US",
"title": "Ruby on Rails: Schwachstelle erm\u00f6glicht Cross-Site Scripting",
"tracking": {
"current_release_date": "2023-12-14T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:53:08.415+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1577",
"initial_release_date": "2023-06-27T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-06-27T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-08-08T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-08-09T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-09-21T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-10-16T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-12-14T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM License Metric Tool 9.2",
"product": {
"name": "IBM License Metric Tool 9.2",
"product_id": "T027649",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:license_metric_tool:9.2"
}
}
},
{
"category": "product_name",
"name": "IBM License Metric Tool \u003c 9.2.33",
"product": {
"name": "IBM License Metric Tool \u003c 9.2.33",
"product_id": "T030111",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:license_metric_tool:9.2.33"
}
}
}
],
"category": "product_name",
"name": "License Metric Tool"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Open Source Ruby on Rails \u003c 7.0.5.1",
"product": {
"name": "Open Source Ruby on Rails \u003c 7.0.5.1",
"product_id": "T028335",
"product_identification_helper": {
"cpe": "cpe:/a:rubyonrails:ruby_on_rails:7.0.5.1"
}
}
},
{
"category": "product_name",
"name": "Open Source Ruby on Rails \u003c 6.1.7.4",
"product": {
"name": "Open Source Ruby on Rails \u003c 6.1.7.4",
"product_id": "T028336",
"product_identification_helper": {
"cpe": "cpe:/a:rubyonrails:ruby_on_rails:6.1.7.4"
}
}
}
],
"category": "product_name",
"name": "Ruby on Rails"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-28362",
"notes": [
{
"category": "description",
"text": "In Ruby on Rails existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T030111",
"T002207",
"T027649",
"67646"
]
},
"release_date": "2023-06-27T22:00:00.000+00:00",
"title": "CVE-2023-28362"
}
]
}
wid-sec-w-2023-2101
Vulnerability from csaf_certbund
Published
2023-08-20 22:00
Modified
2023-08-20 22:00
Summary
genua genucenter: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
genucenter bietet eine zentrale und rollenbasierte Administration der Lösungen von genua.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in genua genucenter ausnutzen, um Informationen offenzulegen, Dateien zu manipulieren, um Cross-Site Scripting Angriffe durchzuführen oder um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Hardware Appliance
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "genucenter bietet eine zentrale und rollenbasierte Administration der L\u00f6sungen von genua.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in genua genucenter ausnutzen, um Informationen offenzulegen, Dateien zu manipulieren, um Cross-Site Scripting Angriffe durchzuf\u00fchren oder um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Hardware Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2101 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2101.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2101 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2101"
},
{
"category": "external",
"summary": "genua Kundencenter vom 2023-08-20",
"url": "https://kunde.genua.de/nc/suche/view/neuer-patch-genucenter-80p6-verfuegbar.html?tx_genusupport_content%5Bidentity%5D=0\u0026tx_genusupport_content%5BsearchTerm%5D=\u0026tx_genusupport_content%5BforcePath%5D=\u0026tx_genusupport_content%5Baction%5D=genuSupportSearch\u0026tx_genusupport_content%5Bcontroller%5D=Content"
}
],
"source_lang": "en-US",
"title": "genua genucenter: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-08-20T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:57:15.711+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-2101",
"initial_release_date": "2023-08-20T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-08-20T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "genua genucenter \u003c 8.0 patch 6",
"product": {
"name": "genua genucenter \u003c 8.0 patch 6",
"product_id": "T029421",
"product_identification_helper": {
"cpe": "cpe:/h:genua:genucenter:8.0:patch_6"
}
}
}
],
"category": "vendor",
"name": "genua"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-32001",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-32001"
},
{
"cve": "CVE-2023-29469",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-29469"
},
{
"cve": "CVE-2023-28484",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-28484"
},
{
"cve": "CVE-2023-28362",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-28362"
},
{
"cve": "CVE-2023-27539",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-27539"
},
{
"cve": "CVE-2023-27530",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-27530"
},
{
"cve": "CVE-2023-27320",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-27320"
},
{
"cve": "CVE-2023-23916",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-23916"
},
{
"cve": "CVE-2023-23915",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-23915"
},
{
"cve": "CVE-2023-23914",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-23914"
},
{
"cve": "CVE-2023-23913",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-23913"
},
{
"cve": "CVE-2023-22799",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-22799"
},
{
"cve": "CVE-2023-22796",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-22796"
},
{
"cve": "CVE-2023-22795",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-22795"
},
{
"cve": "CVE-2023-22794",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-22794"
},
{
"cve": "CVE-2023-22792",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2023-22792"
},
{
"cve": "CVE-2022-44566",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2022-44566"
},
{
"cve": "CVE-2021-28092",
"notes": [
{
"category": "description",
"text": "Es existieren mehrere Schwachstellen in genua genucenter und in davon genutzten Komponenten von Drittanbietern (curl, libxml, sudo und Ruby). Durch manipulierte Anfragen an das System kann ein Angreifer dadurch Informationen offenlegen, Dateien manipulieren, Cross-Site Scripting Angriffe durchf\u00fchren oder weitere nicht spezifizierte Auswirkungen erzielen."
}
],
"release_date": "2023-08-20T22:00:00.000+00:00",
"title": "CVE-2021-28092"
}
]
}
ghsa-4g8v-vg43-wpgf
Vulnerability from github
Published
2023-06-29 15:03
Modified
2025-01-09 15:37
Summary
Actionpack has possible cross-site scripting vulnerability via User Supplied Values to redirect_to
Details
The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header. This vulnerability has been assigned the CVE identifier CVE-2023-28362.
Versions Affected: All. Not affected: None Fixed Versions: 7.0.5.1, 6.1.7.4
Impact
This introduces the potential for a Cross-site-scripting (XSS) payload to be delivered on the now static redirection page. Note that this both requires user interaction and for a Rails app to be configured to allow redirects to external hosts (defaults to false in Rails >= 7.0.x).
Releases
The FIXED releases are available at the normal locations.
Workarounds
Avoid providing user supplied URLs with arbitrary schemes to the redirect_to method.
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "actionpack"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.1.7.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "actionpack"
},
"ranges": [
{
"events": [
{
"introduced": "7.0.0"
},
{
"fixed": "7.0.5.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-28362"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": true,
"github_reviewed_at": "2023-06-29T15:03:16Z",
"nvd_published_at": "2025-01-09T01:15:07Z",
"severity": "MODERATE"
},
"details": "The `redirect_to` method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header. This vulnerability has been assigned the CVE identifier CVE-2023-28362.\n\nVersions Affected: All. Not affected: None Fixed Versions: 7.0.5.1, 6.1.7.4\n\n# Impact\n\nThis introduces the potential for a Cross-site-scripting (XSS) payload to be delivered on the now static redirection page. Note that this both requires user interaction and for a Rails app to be configured to allow redirects to external hosts (defaults to false in Rails \u003e= 7.0.x).\n\n# Releases\n\nThe FIXED releases are available at the normal locations.\n\n# Workarounds\n\nAvoid providing user supplied URLs with arbitrary schemes to the `redirect_to` method.\n",
"id": "GHSA-4g8v-vg43-wpgf",
"modified": "2025-01-09T15:37:45Z",
"published": "2023-06-29T15:03:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28362"
},
{
"type": "WEB",
"url": "https://github.com/rails/rails/commit/1c3f93d1e90a3475f9ae2377ead25ccf11f71441"
},
{
"type": "WEB",
"url": "https://github.com/rails/rails/commit/69e37c84e3f77d75566424c7d0015172d6a6fac5"
},
{
"type": "WEB",
"url": "https://github.com/rails/rails/commit/c9ab9b32bcdcfd8bcd55907f6c7b20b4e004cc23"
},
{
"type": "WEB",
"url": "https://discuss.rubyonrails.org/t/cve-2023-28362-possible-xss-via-user-supplied-values-to-redirect-to/83132"
},
{
"type": "PACKAGE",
"url": "https://github.com/rails/rails"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2023-28362.yml"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Actionpack has possible cross-site scripting vulnerability via User Supplied Values to redirect_to"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.