RHSA-2024:0304
Vulnerability from csaf_redhat
Published
2024-01-18 20:41
Modified
2025-10-04 00:57
Summary
Red Hat Security Advisory: RHACS 3.74 enhancement and security update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security 3.74. The updated images includes bug and security fixes.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release of RHACS 3.74.8 provides the following changes:
* The HTTP/2 functionality in the RHACS Operator webhook has been disabled
to mitigate CVE-2023-44487.
* Fixed postgresql vulnerabilities in multiple images.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security 3.74. The updated images includes bug and security fixes.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 3.74.8 provides the following changes:\n\n* The HTTP/2 functionality in the RHACS Operator webhook has been disabled\nto mitigate CVE-2023-44487.\n* Fixed postgresql vulnerabilities in multiple images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0304",
"url": "https://access.redhat.com/errata/RHSA-2024:0304"
},
{
"category": "external",
"summary": "https://docs.openshift.com/acs/3.74/release_notes/374-release-notes.html",
"url": "https://docs.openshift.com/acs/3.74/release_notes/374-release-notes.html"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2228111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228111"
},
{
"category": "external",
"summary": "2247168",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247168"
},
{
"category": "external",
"summary": "2247169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247169"
},
{
"category": "external",
"summary": "2247170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170"
},
{
"category": "external",
"summary": "ROX-20391",
"url": "https://issues.redhat.com/browse/ROX-20391"
},
{
"category": "external",
"summary": "ROX-20542",
"url": "https://issues.redhat.com/browse/ROX-20542"
},
{
"category": "external",
"summary": "ROX-21190",
"url": "https://issues.redhat.com/browse/ROX-21190"
},
{
"category": "external",
"summary": "ROX-21784",
"url": "https://issues.redhat.com/browse/ROX-21784"
},
{
"category": "external",
"summary": "ROX-21785",
"url": "https://issues.redhat.com/browse/ROX-21785"
},
{
"category": "external",
"summary": "ROX-21786",
"url": "https://issues.redhat.com/browse/ROX-21786"
},
{
"category": "external",
"summary": "ROX-21787",
"url": "https://issues.redhat.com/browse/ROX-21787"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0304.json"
}
],
"title": "Red Hat Security Advisory: RHACS 3.74 enhancement and security update",
"tracking": {
"current_release_date": "2025-10-04T00:57:19+00:00",
"generator": {
"date": "2025-10-04T00:57:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2024:0304",
"initial_release_date": "2024-01-18T20:41:51+00:00",
"revision_history": [
{
"date": "2024-01-18T20:41:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-01-18T20:41:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-04T00:57:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 3.74 for RHEL 8",
"product": {
"name": "RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=3.74.8-8"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=3.74.8-7"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=3.74.8-9"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=3.74.8-8"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=3.74.8-7"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=3.74.8-9"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=3.74.8-8"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=3.74.8-7"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=3.74.8-9"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=3.74.8-9"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64 as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"relates_to_product_reference": "8Base-RHACS-3.74"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le as a component of RHACS 3.74 for RHEL 8",
"product_id": "8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le",
"relates_to_product_reference": "8Base-RHACS-3.74"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Jingzhou Fu"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-5868",
"cwe": {
"id": "CWE-686",
"name": "Function Call With Incorrect Argument Type"
},
"discovery_date": "2023-10-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2247168"
}
],
"notes": [
{
"category": "description",
"text": "A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with \u0027unknown\u0027-type arguments. Handling \u0027unknown\u0027-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: Memory disclosure in aggregate function calls",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64"
],
"known_not_affected": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5868"
},
{
"category": "external",
"summary": "RHBZ#2247168",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247168"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5868"
},
{
"category": "external",
"summary": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/",
"url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
},
{
"category": "external",
"summary": "https://www.postgresql.org/support/security/CVE-2023-5868/",
"url": "https://www.postgresql.org/support/security/CVE-2023-5868/"
}
],
"release_date": "2023-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-18T20:41:51+00:00",
"details": "If you are using an earlier version of RHACS 3.74, you are advised to upgrade to patch release 3.74.8.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0304"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql: Memory disclosure in aggregate function calls"
},
{
"acknowledgments": [
{
"names": [
"Pedro Gallegos"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-5869",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2023-10-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2247169"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: Buffer overrun from integer overflow in array modification",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64"
],
"known_not_affected": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5869"
},
{
"category": "external",
"summary": "RHBZ#2247169",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247169"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5869"
},
{
"category": "external",
"summary": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/",
"url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
},
{
"category": "external",
"summary": "https://www.postgresql.org/support/security/CVE-2023-5869/",
"url": "https://www.postgresql.org/support/security/CVE-2023-5869/"
}
],
"release_date": "2023-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-18T20:41:51+00:00",
"details": "If you are using an earlier version of RHACS 3.74, you are advised to upgrade to patch release 3.74.8.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0304"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "postgresql: Buffer overrun from integer overflow in array modification"
},
{
"acknowledgments": [
{
"names": [
"Mahendrakar Srinivasarao",
"Hemanth Sandrana"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2023-5870",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-10-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2247170"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: Role pg_signal_backend can signal certain superuser processes.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64"
],
"known_not_affected": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5870"
},
{
"category": "external",
"summary": "RHBZ#2247170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5870"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5870",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5870"
},
{
"category": "external",
"summary": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/",
"url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
},
{
"category": "external",
"summary": "https://www.postgresql.org/support/security/CVE-2023-5870/",
"url": "https://www.postgresql.org/support/security/CVE-2023-5870/"
}
],
"release_date": "2023-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-18T20:41:51+00:00",
"details": "If you are using an earlier version of RHACS 3.74, you are advised to upgrade to patch release 3.74.8.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0304"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "postgresql: Role pg_signal_backend can signal certain superuser processes."
},
{
"cve": "CVE-2023-39417",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2023-08-01T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2228111"
}
],
"notes": [
{
"category": "description",
"text": "IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, \u0027\u0027, or \"\"). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "postgresql: extension script @substitutions@ within quoting allow SQL injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Bundled extensions are not vulnerable. Also, PostgreSQL will block this attack in the core server, so there\u0027s no need to modify individual extensions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64"
],
"known_not_affected": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39417"
},
{
"category": "external",
"summary": "RHBZ#2228111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39417",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39417"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39417",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39417"
},
{
"category": "external",
"summary": "https://www.postgresql.org/support/security/CVE-2023-39417",
"url": "https://www.postgresql.org/support/security/CVE-2023-39417"
}
],
"release_date": "2023-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-01-18T20:41:51+00:00",
"details": "If you are using an earlier version of RHACS 3.74, you are advised to upgrade to patch release 3.74.8.",
"product_ids": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0304"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:4f8a9b5a334d2a2ddcd8d1174a007fc75722b8a1ef53db951767bfcf8a2a55cd_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9738b66518ede2a453399c35bbe4370a4692dd6acd2e3a29036a4074abcbfc3e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c6c389aed1fa429d92b38c137a9036d25e7780fcc6ae93850419b835048aaa69_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:d1908d4ad00269a2e46840f13fe28b1ebfe58010c2e6e63d2b007242673b574f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:f62686b1a19bd8fe0ef052bbde4b8b84c11ed1de1efabd0bd59fa7531c8a3bdb_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-rhel8@sha256:fe52bc3ea806398c0982ca15d594ed20085e7e1ca4041e81c933115bb79c8d15_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:36f8aee19c860cea156b1faf5795fd46bee58af9993d35e68d0a9a2dab622108_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:a8b18859c5f5f1f9242e3346af6bdcdf6c23580fae2b8d9bd283b935805ca7b4_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:cdf3f9637070bb684a8c5f08d91ae21b068e813190db3e55638e8688410e6703_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:0da809964e0abfd857718ec4defa91a2a097649fcf25c88d593ff52092496787_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:ecba5d7dbbf74e3a7894c7d18ebe32607c6234513f0b498119015d2ecf88f241_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-main-rhel8@sha256:efb1a786e49503bb7e10278cea988597d5fe8d6a19e4e106137d8eab36afb716_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:9ba3858a639c3e8e50a2445e54eea49ad4555a02de8597708bb17128b1778780_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:c123d584c63179723718832aba90561ed4838e6546a8c25698dbfe008807b5c7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-operator-bundle@sha256:eacae828588cd2d5bbb41ffdec56f20e8c8113a0549ff218c121826d7e9601fc_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:25260d6f82dc46ca17c25fe78dc7b3cba831b5b72e030f5fb1841c66f5036e02_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:4dc99f97f81df5236b37c19bca4094c54835f00303fca696442fddd0c315b290_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-rhel8-operator@sha256:96f61ccafc4dccfa78948f31fa5253ab958a069412439e59ccca59a8ef49910b_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1694bf23fe49471992572a0dd784ecdc3095908f61d447e278c590fa80c3e7b8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4c0b2c0246fa78a2c2d52f7439b007465ef67b26bc213353df0be459c971aab2_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b37d6a57e78698f664b072e0ffe2f8f6e438cd696cf9ba14a73ca5344690abd7_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:19a8efae0c7b616f3f14b08b2d8e962e71b22a572b95aa8d99c9671296985ed2_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:25388d80461f93743df2b2ea0fe6e332ee86f23d452596751cfa0948c378a995_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3342ed9349de59d7d14a32425aadf850aef4ceeaacb5467a1e118a938e34283f_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:36c4f9404f0ee7457d5a1063b6b9b91c7e24c2c1e02a6902516afbf42adcc755_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:ec99dd00a1ec67096d4a58389c813118f4392d4b23c3954c280919fd63281674_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f72eba20d8474e5da3ee7f54f6d5d873922bbaecf9a79d9620421dd1363627a8_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:2c06eafb5cc0a09680545448948b4633712bdab454aa476cd807e92b2dfe8f3d_ppc64le",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:572dba1997ebdf2b5d509dc260208f5fadcd76cf3e1bd5ac0d4b1c31d43eecc0_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-rhel8@sha256:aa086700ba7628b710b80abf65ae5d936830ede5c26ff90bb36cdbb7db590a48_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:60dedd6dd3ec34767e615cc8c33378164cac92dd651132221e38ed9b9e02bc8e_s390x",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6ecc71fea35832d06bc898da42e5a60536b6f75e119f5dc2789a15aa6873533f_amd64",
"8Base-RHACS-3.74:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:fc5fc6eac2a6746a5094df214c4e0d4d6d3849f0d616b1765cd89d676f28e198_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "postgresql: extension script @substitutions@ within quoting allow SQL injection"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…