Action not permitted
Modal body text goes here.
cve-2022-24999
Vulnerability from cvelistv5
Published
2022-11-26 00:00
Modified
2024-08-03 04:29
Severity ?
EPSS score ?
Summary
qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b&a[__proto__]&a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has "deps: qs@6.9.7" in its release description, is not vulnerable).
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/expressjs/express/releases/tag/4.17.3 | Release Notes | |
cve@mitre.org | https://github.com/ljharb/qs/pull/428 | Issue Tracking, Patch | |
cve@mitre.org | https://github.com/n8tz/CVE-2022-24999 | Exploit, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://security.netapp.com/advisory/ntap-20230908-0005/ | ||
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/expressjs/express/releases/tag/4.17.3 | Release Notes | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/ljharb/qs/pull/428 | Issue Tracking, Patch | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/n8tz/CVE-2022-24999 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20230908-0005/ |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:29:01.569Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ljharb/qs/pull/428" }, { "tags": [ "x_transferred" ], "url": "https://github.com/n8tz/CVE-2022-24999" }, { "name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3299-1] node-qs security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230908-0005/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b\u0026a[__proto__]\u0026a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has \"deps: qs@6.9.7\" in its release description, is not vulnerable)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-08T16:06:42.462757", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "url": "https://github.com/ljharb/qs/pull/428" }, { "url": "https://github.com/n8tz/CVE-2022-24999" }, { "name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3299-1] node-qs security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html" }, { "url": "https://security.netapp.com/advisory/ntap-20230908-0005/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-24999", "datePublished": "2022-11-26T00:00:00", "dateReserved": "2022-02-14T00:00:00", "dateUpdated": "2024-08-03T04:29:01.569Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2022-24999\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-11-26T22:15:10.153\",\"lastModified\":\"2024-11-21T06:51:31.643\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b\u0026a[__proto__]\u0026a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has \\\"deps: qs@6.9.7\\\" in its release description, is not vulnerable).\"},{\"lang\":\"es\",\"value\":\"qs anterior a 6.10.3, como se usa en Express anterior a 4.17.3 y otros productos, permite a los atacantes provocar que un proceso de Nodo se cuelgue para una aplicaci\u00f3n Express porque se puede usar una clave __ proto__. En muchos casos de uso t\u00edpicos de Express, un atacante remoto no autenticado puede colocar el payload del ataque en la cadena de consulta de la URL que se utiliza para visitar la aplicaci\u00f3n, como a[__proto__]=b\u0026amp;a[__proto__]\u0026amp;a[length] =100000000. La soluci\u00f3n se respald\u00f3 a qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3 y 6.2.4 (y por lo tanto a Express 4.17.3, que tiene \\\"deps : qs@6.9.7\\\" en la descripci\u00f3n de su versi\u00f3n, no es vulnerable).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1321\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qs_project:qs:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"6.2.4\",\"matchCriteriaId\":\"F7960844-79EB-454C-BD4C-C79387E2E573\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qs_project:qs:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"6.3.0\",\"versionEndExcluding\":\"6.3.3\",\"matchCriteriaId\":\"B836471B-BF39-4B52-B837-70B494D2C45F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qs_project:qs:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"6.5.0\",\"versionEndExcluding\":\"6.5.3\",\"matchCriteriaId\":\"DF319EA6-E68F-41A8-BB21-FE30F6BD1A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qs_project:qs:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"6.7.0\",\"versionEndExcluding\":\"6.7.3\",\"matchCriteriaId\":\"E43C2419-E3F8-4123-8FA8-A0C1B4244D77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qs_project:qs:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"6.8.0\",\"versionEndExcluding\":\"6.8.3\",\"matchCriteriaId\":\"BB20DBEF-67E2-49FB-BB55-C86F7A83028F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qs_project:qs:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"6.9.0\",\"versionEndExcluding\":\"6.9.7\",\"matchCriteriaId\":\"49C25B47-56FD-43BF-9DA4-A6100DD291EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qs_project:qs:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"6.10.0\",\"versionEndExcluding\":\"6.10.3\",\"matchCriteriaId\":\"750DDAB9-4454-4087-8DA1-D05280F59081\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qs_project:qs:6.4.0:*:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"535F43BA-C0A4-441A-A13C-A221ED855613\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qs_project:qs:6.6.0:*:*:*:*:node.js:*:*\",\"matchCriteriaId\":\"870A2680-00C2-43D2-9C4B-D8F52DB16AA1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openjsf:express:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"4.17.3\",\"matchCriteriaId\":\"31382A93-AA97-4D14-ACF6-129F1BDDFD6D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"https://github.com/expressjs/express/releases/tag/4.17.3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ljharb/qs/pull/428\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/n8tz/CVE-2022-24999\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20230908-0005/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/expressjs/express/releases/tag/4.17.3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/ljharb/qs/pull/428\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/n8tz/CVE-2022-24999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20230908-0005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
wid-sec-w-2023-1350
Vulnerability from csaf_certbund
Published
2023-06-01 22:00
Modified
2024-02-15 23:00
Summary
Splunk Splunk Enterprise: Mehrere Schwachstellen in Komponenten von Drittanbietern
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Splunk Enterprise ermöglicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise in diversen Komponenten von Drittanbietern ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Splunk Enterprise erm\u00f6glicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise in diversen Komponenten von Drittanbietern ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1350 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1350.json" }, { "category": "self", "summary": "WID-SEC-2023-1350 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1350" }, { "category": "external", "summary": "Splunk Enterprise Security Advisory SVD-2023-0613 vom 2023-06-01", "url": "https://advisory.splunk.com/advisories/SVD-2023-0613" }, { "category": "external", "summary": "IBM Security Bulletin 7008449 vom 2023-06-29", "url": "https://www.ibm.com/support/pages/node/7008449" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0196-1 vom 2024-01-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017743.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0487-1 vom 2024-02-15", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017931.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0486-1 vom 2024-02-15", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017932.html" } ], "source_lang": "en-US", "title": "Splunk Splunk Enterprise: Mehrere Schwachstellen in Komponenten von Drittanbietern", "tracking": { "current_release_date": "2024-02-15T23:00:00.000+00:00", "generator": { "date": "2024-08-15T17:51:43.161+00:00", "engine": { "name": "BSI-WID", "version": "1.3.5" } }, "id": "WID-SEC-W-2023-1350", "initial_release_date": "2023-06-01T22:00:00.000+00:00", "revision_history": [ { "date": "2023-06-01T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-06-29T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-01-23T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-02-15T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von SUSE aufgenommen" } ], "status": "final", "version": "4" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "IBM DB2", "product": { "name": "IBM DB2", "product_id": "5104", "product_identification_helper": { "cpe": "cpe:/a:ibm:db2:-" } } } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c 8.1.14", "product": { "name": "Splunk Splunk Enterprise \u003c 8.1.14", "product_id": "T027935" } }, { "category": "product_version_range", "name": "\u003c 8.2.11", "product": { "name": "Splunk Splunk Enterprise \u003c 8.2.11", "product_id": "T027936" } }, { "category": "product_version_range", "name": "\u003c 9.0.5", "product": { "name": "Splunk Splunk Enterprise \u003c 9.0.5", "product_id": "T027937" } } ], "category": "product_name", "name": "Splunk Enterprise" } ], "category": "vendor", "name": "Splunk" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-27538", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2023-27538" }, { "cve": "CVE-2023-27537", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2023-27537" }, { "cve": "CVE-2023-27536", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2023-27536" }, { "cve": "CVE-2023-27535", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2023-27535" }, { "cve": "CVE-2023-27534", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2023-27534" }, { "cve": "CVE-2023-27533", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2023-27533" }, { "cve": "CVE-2023-23916", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2023-23916" }, { "cve": "CVE-2023-23915", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2023-23915" }, { "cve": "CVE-2023-23914", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2023-23914" }, { "cve": "CVE-2023-1370", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2023-1370" }, { "cve": "CVE-2023-0286", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2023-0286" }, { "cve": "CVE-2023-0215", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2023-0215" }, { "cve": "CVE-2022-46175", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-46175" }, { "cve": "CVE-2022-43680", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-43680" }, { "cve": "CVE-2022-43552", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-43552" }, { "cve": "CVE-2022-43551", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-43551" }, { "cve": "CVE-2022-4304", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-4304" }, { "cve": "CVE-2022-42916", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-42916" }, { "cve": "CVE-2022-42915", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-42915" }, { "cve": "CVE-2022-42004", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-42004" }, { "cve": "CVE-2022-4200", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-4200" }, { "cve": "CVE-2022-41720", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-41720" }, { "cve": "CVE-2022-41716", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-41716" }, { "cve": "CVE-2022-41715", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-41715" }, { "cve": "CVE-2022-40304", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-40304" }, { "cve": "CVE-2022-40303", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-40303" }, { "cve": "CVE-2022-40023", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-40023" }, { "cve": "CVE-2022-38900", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-38900" }, { "cve": "CVE-2022-37616", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-37616" }, { "cve": "CVE-2022-37603", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-37603" }, { "cve": "CVE-2022-37601", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-37601" }, { "cve": "CVE-2022-37599", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-37599" }, { "cve": "CVE-2022-37434", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-37434" }, { "cve": "CVE-2022-36227", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-36227" }, { "cve": "CVE-2022-35737", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-35737" }, { "cve": "CVE-2022-35260", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-35260" }, { "cve": "CVE-2022-35252", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-35252" }, { "cve": "CVE-2022-3517", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-3517" }, { "cve": "CVE-2022-33987", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-33987" }, { "cve": "CVE-2022-32221", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-32221" }, { "cve": "CVE-2022-32208", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-32208" }, { "cve": "CVE-2022-32207", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-32207" }, { "cve": "CVE-2022-32206", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-32206" }, { "cve": "CVE-2022-32205", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-32205" }, { "cve": "CVE-2022-32189", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-32189" }, { "cve": "CVE-2022-32148", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-32148" }, { "cve": "CVE-2022-31129", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-31129" }, { "cve": "CVE-2022-30635", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-30635" }, { "cve": "CVE-2022-30634", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-30634" }, { "cve": "CVE-2022-30633", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-30633" }, { "cve": "CVE-2022-30632", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-30632" }, { "cve": "CVE-2022-30631", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-30631" }, { "cve": "CVE-2022-30630", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-30630" }, { "cve": "CVE-2022-30629", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-30629" }, { "cve": "CVE-2022-30580", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-30580" }, { "cve": "CVE-2022-30115", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-30115" }, { "cve": "CVE-2022-29804", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-29804" }, { "cve": "CVE-2022-29526", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-29526" }, { "cve": "CVE-2022-2880", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-2880" }, { "cve": "CVE-2022-2879", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-2879" }, { "cve": "CVE-2022-28327", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-28327" }, { "cve": "CVE-2022-28131", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-28131" }, { "cve": "CVE-2022-27782", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-27782" }, { "cve": "CVE-2022-27781", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-27781" }, { "cve": "CVE-2022-27780", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-27780" }, { "cve": "CVE-2022-27779", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-27779" }, { "cve": "CVE-2022-27778", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-27778" }, { "cve": "CVE-2022-27776", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-27776" }, { "cve": "CVE-2022-27775", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-27775" }, { "cve": "CVE-2022-27774", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-27774" }, { "cve": "CVE-2022-27664", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-27664" }, { "cve": "CVE-2022-27191", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-27191" }, { "cve": "CVE-2022-25858", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-25858" }, { "cve": "CVE-2022-24999", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-24999" }, { "cve": "CVE-2022-24921", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-24921" }, { "cve": "CVE-2022-24675", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-24675" }, { "cve": "CVE-2022-23806", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-23806" }, { "cve": "CVE-2022-23773", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-23773" }, { "cve": "CVE-2022-23772", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-23772" }, { "cve": "CVE-2022-23491", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-23491" }, { "cve": "CVE-2022-22576", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-22576" }, { "cve": "CVE-2022-1962", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-1962" }, { "cve": "CVE-2022-1705", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2022-1705" }, { "cve": "CVE-2021-43565", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-43565" }, { "cve": "CVE-2021-3803", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-3803" }, { "cve": "CVE-2021-36976", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-36976" }, { "cve": "CVE-2021-3520", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-3520" }, { "cve": "CVE-2021-33587", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-33587" }, { "cve": "CVE-2021-33503", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-33503" }, { "cve": "CVE-2021-33502", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-33502" }, { "cve": "CVE-2021-31566", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-31566" }, { "cve": "CVE-2021-29060", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-29060" }, { "cve": "CVE-2021-27292", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-27292" }, { "cve": "CVE-2021-23382", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-23382" }, { "cve": "CVE-2021-23368", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-23368" }, { "cve": "CVE-2021-23343", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-23343" }, { "cve": "CVE-2021-22947", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-22947" }, { "cve": "CVE-2021-22946", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-22946" }, { "cve": "CVE-2021-22945", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-22945" }, { "cve": "CVE-2021-22926", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-22926" }, { "cve": "CVE-2021-22925", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-22925" }, { "cve": "CVE-2021-22924", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-22924" }, { "cve": "CVE-2021-22923", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-22923" }, { "cve": "CVE-2021-22922", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-22922" }, { "cve": "CVE-2021-22901", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-22901" }, { "cve": "CVE-2021-22898", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-22898" }, { "cve": "CVE-2021-22897", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-22897" }, { "cve": "CVE-2021-22890", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-22890" }, { "cve": "CVE-2021-22876", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-22876" }, { "cve": "CVE-2021-20095", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2021-20095" }, { "cve": "CVE-2020-8286", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2020-8286" }, { "cve": "CVE-2020-8285", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2020-8285" }, { "cve": "CVE-2020-8284", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2020-8284" }, { "cve": "CVE-2020-8231", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2020-8231" }, { "cve": "CVE-2020-8203", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2020-8203" }, { "cve": "CVE-2020-8177", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2020-8177" }, { "cve": "CVE-2020-8169", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2020-8169" }, { "cve": "CVE-2020-8116", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2020-8116" }, { "cve": "CVE-2020-7774", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2020-7774" }, { "cve": "CVE-2020-7753", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2020-7753" }, { "cve": "CVE-2020-7662", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2020-7662" }, { "cve": "CVE-2020-28469", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2020-28469" }, { "cve": "CVE-2020-15138", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2020-15138" }, { "cve": "CVE-2020-13822", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2020-13822" }, { "cve": "CVE-2019-20149", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2019-20149" }, { "cve": "CVE-2019-10746", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2019-10746" }, { "cve": "CVE-2019-10744", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2019-10744" }, { "cve": "CVE-2018-25032", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2018-25032" }, { "cve": "CVE-2017-16042", "notes": [ { "category": "description", "text": "Es existieren mehrere Schwachstellen in Splunk Splunk Enterprise in zahlreichen Komponenten von Drittanbietern (OpenSSL, curl, go, zlib, SQLite, json und weitere), die zum aktuellen Zeitpunkt nicht im Detail beschrieben und ver\u00f6ffentlicht wurden. Ein Angreifer kann diese Schwachstellen ausnutzen, um nicht n\u00e4her spezifizierte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T002207", "5104" ] }, "release_date": "2023-06-01T22:00:00.000+00:00", "title": "CVE-2017-16042" } ] }
wid-sec-w-2023-0809
Vulnerability from csaf_certbund
Published
2023-03-30 22:00
Modified
2024-02-19 23:00
Summary
IBM QRadar SIEM: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuführen, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuführen oder unbekannte Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0809 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0809.json" }, { "category": "self", "summary": "WID-SEC-2023-0809 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0809" }, { "category": "external", "summary": "IBM Security Bulletin: 6967283 vom 2023-03-30", "url": "https://www.ibm.com/support/pages/node/6967283" }, { "category": "external", "summary": "IBM Security Bulletin: 6967333 vom 2023-03-30", "url": "https://www.ibm.com/support/pages/node/6967333" }, { "category": "external", "summary": "IBM Security Bulletin 6980799 vom 2023-04-04", "url": "https://www.ibm.com/support/pages/node/6980799" }, { "category": "external", "summary": "IBM Security Bulletin 7108657 vom 2024-01-17", "url": "https://www.ibm.com/support/pages/node/7108657" }, { "category": "external", "summary": "Fedora Security Advisory FEDORA-2024-5ECC250449 vom 2024-02-19", "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-5ecc250449" } ], "source_lang": "en-US", "title": "IBM QRadar SIEM: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-02-19T23:00:00.000+00:00", "generator": { "date": "2024-08-15T17:47:38.606+00:00", "engine": { "name": "BSI-WID", "version": "1.3.5" } }, "id": "WID-SEC-W-2023-0809", "initial_release_date": "2023-03-30T22:00:00.000+00:00", "revision_history": [ { "date": "2023-03-30T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-04-04T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-01-16T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-02-19T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Fedora aufgenommen" } ], "status": "final", "version": "4" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Fedora Linux", "product": { "name": "Fedora Linux", "product_id": "74185", "product_identification_helper": { "cpe": "cpe:/o:fedoraproject:fedora:-" } } } ], "category": "vendor", "name": "Fedora" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "7.5", "product": { "name": "IBM QRadar SIEM 7.5", "product_id": "T022954", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:7.5" } } }, { "category": "product_version_range", "name": "\u003c User Behavior Analytics 4.1.11", "product": { "name": "IBM QRadar SIEM \u003c User Behavior Analytics 4.1.11", "product_id": "T027026" } }, { "category": "product_version_range", "name": "\u003c 7.4.3 FP9", "product": { "name": "IBM QRadar SIEM \u003c 7.4.3 FP9", "product_id": "T027027" } }, { "category": "product_version_range", "name": "\u003c 7.5.0 UP5", "product": { "name": "IBM QRadar SIEM \u003c 7.5.0 UP5", "product_id": "T027028" } } ], "category": "product_name", "name": "QRadar SIEM" } ], "category": "vendor", "name": "IBM" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-22809", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2023-22809" }, { "cve": "CVE-2022-4883", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-4883" }, { "cve": "CVE-2022-46364", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-46364" }, { "cve": "CVE-2022-46363", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-46363" }, { "cve": "CVE-2022-45143", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-45143" }, { "cve": "CVE-2022-42890", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-42890" }, { "cve": "CVE-2022-4254", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-4254" }, { "cve": "CVE-2022-42252", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-42252" }, { "cve": "CVE-2022-41966", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-41966" }, { "cve": "CVE-2022-41946", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-41946" }, { "cve": "CVE-2022-41704", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-41704" }, { "cve": "CVE-2022-40156", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-40156" }, { "cve": "CVE-2022-40155", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-40155" }, { "cve": "CVE-2022-40154", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-40154" }, { "cve": "CVE-2022-40153", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-40153" }, { "cve": "CVE-2022-40152", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-40152" }, { "cve": "CVE-2022-40150", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-40150" }, { "cve": "CVE-2022-40149", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-40149" }, { "cve": "CVE-2022-37603", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-37603" }, { "cve": "CVE-2022-37601", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-37601" }, { "cve": "CVE-2022-37599", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-37599" }, { "cve": "CVE-2022-37598", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-37598" }, { "cve": "CVE-2022-3676", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-3676" }, { "cve": "CVE-2022-36364", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-36364" }, { "cve": "CVE-2022-36033", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-36033" }, { "cve": "CVE-2022-34917", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-34917" }, { "cve": "CVE-2022-31197", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-31197" }, { "cve": "CVE-2022-31129", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-31129" }, { "cve": "CVE-2022-2964", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-2964" }, { "cve": "CVE-2022-28733", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-28733" }, { "cve": "CVE-2022-2795", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-2795" }, { "cve": "CVE-2022-25927", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-25927" }, { "cve": "CVE-2022-25901", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-25901" }, { "cve": "CVE-2022-25758", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-25758" }, { "cve": "CVE-2022-25647", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-25647" }, { "cve": "CVE-2022-24999", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-24999" }, { "cve": "CVE-2022-24839", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-24839" }, { "cve": "CVE-2022-24823", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-24823" }, { "cve": "CVE-2022-24785", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-24785" }, { "cve": "CVE-2022-23437", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-23437" }, { "cve": "CVE-2022-22971", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-22971" }, { "cve": "CVE-2022-22970", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-22970" }, { "cve": "CVE-2022-21724", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-21724" }, { "cve": "CVE-2022-21628", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-21628" }, { "cve": "CVE-2022-21626", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-21626" }, { "cve": "CVE-2022-21624", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-21624" }, { "cve": "CVE-2022-21619", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2022-21619" }, { "cve": "CVE-2021-43797", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-43797" }, { "cve": "CVE-2021-42740", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-42740" }, { "cve": "CVE-2021-42581", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-42581" }, { "cve": "CVE-2021-39227", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-39227" }, { "cve": "CVE-2021-3918", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-3918" }, { "cve": "CVE-2021-3807", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-3807" }, { "cve": "CVE-2021-37713", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-37713" }, { "cve": "CVE-2021-37712", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-37712" }, { "cve": "CVE-2021-37701", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-37701" }, { "cve": "CVE-2021-3765", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-3765" }, { "cve": "CVE-2021-37137", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-37137" }, { "cve": "CVE-2021-37136", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-37136" }, { "cve": "CVE-2021-32804", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-32804" }, { "cve": "CVE-2021-32803", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-32803" }, { "cve": "CVE-2021-29060", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-29060" }, { "cve": "CVE-2021-26401", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-26401" }, { "cve": "CVE-2021-25220", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-25220" }, { "cve": "CVE-2021-23450", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-23450" }, { "cve": "CVE-2021-23382", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-23382" }, { "cve": "CVE-2021-23368", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-23368" }, { "cve": "CVE-2021-23364", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-23364" }, { "cve": "CVE-2021-23362", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-23362" }, { "cve": "CVE-2021-23343", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-23343" }, { "cve": "CVE-2021-21409", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-21409" }, { "cve": "CVE-2021-21295", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-21295" }, { "cve": "CVE-2021-21290", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2021-21290" }, { "cve": "CVE-2020-7764", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2020-7764" }, { "cve": "CVE-2020-5259", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2020-5259" }, { "cve": "CVE-2020-24025", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2020-24025" }, { "cve": "CVE-2020-15366", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2020-15366" }, { "cve": "CVE-2020-13936", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2020-13936" }, { "cve": "CVE-2019-6286", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2019-6286" }, { "cve": "CVE-2019-6284", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2019-6284" }, { "cve": "CVE-2019-6283", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2019-6283" }, { "cve": "CVE-2019-10785", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2019-10785" }, { "cve": "CVE-2018-8036", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2018-8036" }, { "cve": "CVE-2018-20821", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2018-20821" }, { "cve": "CVE-2018-20190", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2018-20190" }, { "cve": "CVE-2018-19839", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2018-19839" }, { "cve": "CVE-2018-19838", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2018-19838" }, { "cve": "CVE-2018-19827", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2018-19827" }, { "cve": "CVE-2018-19797", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2018-19797" }, { "cve": "CVE-2018-15494", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2018-15494" }, { "cve": "CVE-2018-11698", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2018-11698" }, { "cve": "CVE-2018-11694", "notes": [ { "category": "description", "text": "In IBM QRadar SIEM existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Software-Komponenten von QRadar. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen, Informationen falsch darzustellen, einen Denial of Service Zustand herbeizuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren oder unbekannte Auswirkungen zu verursachen." } ], "product_status": { "known_affected": [ "T022954", "74185" ] }, "release_date": "2023-03-30T22:00:00.000+00:00", "title": "CVE-2018-11694" } ] }
wid-sec-w-2023-0822
Vulnerability from csaf_certbund
Published
2023-04-02 22:00
Modified
2023-04-02 22:00
Summary
HCL BigFix: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
BigFix ist eine Lösung zum Erkennen und Verwalten von physischen und virtuellen Endpunkten.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in HCL BigFix ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "BigFix ist eine L\u00f6sung zum Erkennen und Verwalten von physischen und virtuellen Endpunkten.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in HCL BigFix ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0822 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0822.json" }, { "category": "self", "summary": "WID-SEC-2023-0822 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0822" }, { "category": "external", "summary": "HCL Security Advisory vom 2023-04-02", "url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0104034" } ], "source_lang": "en-US", "title": "HCL BigFix: Schwachstelle erm\u00f6glicht Denial of Service", "tracking": { "current_release_date": "2023-04-02T22:00:00.000+00:00", "generator": { "date": "2024-08-15T17:47:44.337+00:00", "engine": { "name": "BSI-WID", "version": "1.3.5" } }, "id": "WID-SEC-W-2023-0822", "initial_release_date": "2023-04-02T22:00:00.000+00:00", "revision_history": [ { "date": "2023-04-02T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "HCL BigFix \u003c 9.5.65", "product": { "name": "HCL BigFix \u003c 9.5.65", "product_id": "T027045", "product_identification_helper": { "cpe": "cpe:/a:hcltech:bigfix:9.5.65" } } } ], "category": "vendor", "name": "HCL" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-24999", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in HCL BigFix. In der Komponente \"qs\" besteht eine Anf\u00e4lligkeit f\u00fcr einen speziell manipulierten Query-String. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren." } ], "release_date": "2023-04-02T22:00:00.000+00:00", "title": "CVE-2022-24999" } ] }
wid-sec-w-2023-2229
Vulnerability from csaf_certbund
Published
2023-08-30 22:00
Modified
2024-08-12 22:00
Summary
Splunk Splunk Enterprise: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Splunk Enterprise ermöglicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.
Angriff
Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise ausnutzen, um beliebigen Code auszuführen, einen 'Denial of Service'-Zustand zu verursachen, seine Privilegien zu erweitern und weitere, nicht spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Windows
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Splunk Enterprise erm\u00f6glicht Monitoring und Analyse von Clickstream-Daten und Kundentransaktionen.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, authentifizierter Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen, seine Privilegien zu erweitern und weitere, nicht spezifizierte Auswirkungen zu verursachen.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- MacOS X\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-2229 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2229.json" }, { "category": "self", "summary": "WID-SEC-2023-2229 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2229" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0801" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0802" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0803" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0804" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0805" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0806" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0807" }, { "category": "external", "summary": "Splunk Security Advisory vom 2023-08-30", "url": "https://advisory.splunk.com//advisories/SVD-2023-0808" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2024:0196-1 vom 2024-01-23", "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-January/017743.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-2988 vom 2024-05-28", "url": "https://linux.oracle.com/errata/ELSA-2024-2988.html" }, { "category": "external", "summary": "Splunk Security Advisory SVD-2024-0718 vom 2024-07-02", "url": "https://advisory.splunk.com/advisories/SVD-2024-0718" }, { "category": "external", "summary": "Splunk Security Advisory SVD-2024-0801 vom 2024-08-12", "url": "https://advisory.splunk.com//advisories/SVD-2024-0801" } ], "source_lang": "en-US", "title": "Splunk Splunk Enterprise: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-08-12T22:00:00.000+00:00", "generator": { "date": "2024-08-15T17:57:53.670+00:00", "engine": { "name": "BSI-WID", "version": "1.3.5" } }, "id": "WID-SEC-W-2023-2229", "initial_release_date": "2023-08-30T22:00:00.000+00:00", "revision_history": [ { "date": "2023-08-30T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2024-01-23T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2024-05-28T22:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-07-01T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Splunk-SVD aufgenommen" }, { "date": "2024-08-12T22:00:00.000+00:00", "number": "5", "summary": "Neue Updates von Splunk-SVD aufgenommen" } ], "status": "final", "version": "5" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "branches": [ { "category": "product_name", "name": "Splunk Splunk Enterprise", "product": { "name": "Splunk Splunk Enterprise", "product_id": "T008911", "product_identification_helper": { "cpe": "cpe:/a:splunk:splunk:-" } } }, { "category": "product_version_range", "name": "\u003c9.1.1", "product": { "name": "Splunk Splunk Enterprise \u003c9.1.1", "product_id": "T029634" } }, { "category": "product_version_range", "name": "\u003c9.0.6", "product": { "name": "Splunk Splunk Enterprise \u003c9.0.6", "product_id": "T029635" } }, { "category": "product_version_range", "name": "\u003c8.2.12", "product": { "name": "Splunk Splunk Enterprise \u003c8.2.12", "product_id": "T029636" } }, { "category": "product_version_range", "name": "\u003c9.2.1", "product": { "name": "Splunk Splunk Enterprise \u003c9.2.1", "product_id": "T033705" } }, { "category": "product_version_range", "name": "\u003c9.1.4", "product": { "name": "Splunk Splunk Enterprise \u003c9.1.4", "product_id": "T033718" } }, { "category": "product_version_range", "name": "\u003c9.0.9", "product": { "name": "Splunk Splunk Enterprise \u003c9.0.9", "product_id": "T033720" } } ], "category": "product_name", "name": "Splunk Enterprise" } ], "category": "vendor", "name": "Splunk" } ] }, "vulnerabilities": [ { "cve": "CVE-2013-7489", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2013-7489" }, { "cve": "CVE-2018-10237", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2018-10237" }, { "cve": "CVE-2018-20225", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2018-20225" }, { "cve": "CVE-2019-20454", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2019-20454" }, { "cve": "CVE-2019-20838", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2019-20838" }, { "cve": "CVE-2020-14155", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2020-14155" }, { "cve": "CVE-2020-28469", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2020-28469" }, { "cve": "CVE-2020-28851", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2020-28851" }, { "cve": "CVE-2020-29652", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2020-29652" }, { "cve": "CVE-2020-8169", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2020-8169" }, { "cve": "CVE-2020-8177", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2020-8177" }, { "cve": "CVE-2020-8231", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2020-8231" }, { "cve": "CVE-2020-8284", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2020-8284" }, { "cve": "CVE-2020-8285", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2020-8285" }, { "cve": "CVE-2020-8286", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2020-8286" }, { "cve": "CVE-2020-8908", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2020-8908" }, { "cve": "CVE-2021-20066", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-20066" }, { "cve": "CVE-2021-22569", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-22569" }, { "cve": "CVE-2021-22876", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-22876" }, { "cve": "CVE-2021-22890", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-22890" }, { "cve": "CVE-2021-22897", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-22897" }, { "cve": "CVE-2021-22898", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-22898" }, { "cve": "CVE-2021-22901", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-22901" }, { "cve": "CVE-2021-22922", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-22922" }, { "cve": "CVE-2021-22923", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-22923" }, { "cve": "CVE-2021-22924", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-22924" }, { "cve": "CVE-2021-22925", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-22925" }, { "cve": "CVE-2021-22926", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-22926" }, { "cve": "CVE-2021-22945", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-22945" }, { "cve": "CVE-2021-22946", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-22946" }, { "cve": "CVE-2021-22947", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-22947" }, { "cve": "CVE-2021-23343", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-23343" }, { "cve": "CVE-2021-23382", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-23382" }, { "cve": "CVE-2021-27918", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-27918" }, { "cve": "CVE-2021-27919", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-27919" }, { "cve": "CVE-2021-29060", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-29060" }, { "cve": "CVE-2021-29425", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-29425" }, { "cve": "CVE-2021-29923", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-29923" }, { "cve": "CVE-2021-31525", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-31525" }, { "cve": "CVE-2021-31566", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-31566" }, { "cve": "CVE-2021-33194", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-33194" }, { "cve": "CVE-2021-33195", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-33195" }, { "cve": "CVE-2021-33196", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-33196" }, { "cve": "CVE-2021-33197", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-33197" }, { "cve": "CVE-2021-33198", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-33198" }, { "cve": "CVE-2021-34558", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-34558" }, { "cve": "CVE-2021-3520", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-3520" }, { "cve": "CVE-2021-3572", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-3572" }, { "cve": "CVE-2021-36221", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-36221" }, { "cve": "CVE-2021-36976", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-36976" }, { "cve": "CVE-2021-3803", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-3803" }, { "cve": "CVE-2021-38297", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-38297" }, { "cve": "CVE-2021-38561", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-38561" }, { "cve": "CVE-2021-39293", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-39293" }, { "cve": "CVE-2021-41182", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-41182" }, { "cve": "CVE-2021-41183", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-41183" }, { "cve": "CVE-2021-41184", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-41184" }, { "cve": "CVE-2021-41771", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-41771" }, { "cve": "CVE-2021-41772", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-41772" }, { "cve": "CVE-2021-43565", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-43565" }, { "cve": "CVE-2021-44716", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-44716" }, { "cve": "CVE-2021-44717", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2021-44717" }, { "cve": "CVE-2022-1705", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-1705" }, { "cve": "CVE-2022-1941", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-1941" }, { "cve": "CVE-2022-1962", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-1962" }, { "cve": "CVE-2022-22576", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-22576" }, { "cve": "CVE-2022-2309", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-2309" }, { "cve": "CVE-2022-23491", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-23491" }, { "cve": "CVE-2022-23772", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-23772" }, { "cve": "CVE-2022-23773", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-23773" }, { "cve": "CVE-2022-23806", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-23806" }, { "cve": "CVE-2022-24675", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-24675" }, { "cve": "CVE-2022-24921", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-24921" }, { "cve": "CVE-2022-24999", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-24999" }, { "cve": "CVE-2022-25881", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-25881" }, { "cve": "CVE-2022-27191", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-27191" }, { "cve": "CVE-2022-27536", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-27536" }, { "cve": "CVE-2022-27664", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-27664" }, { "cve": "CVE-2022-27774", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-27774" }, { "cve": "CVE-2022-27775", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-27775" }, { "cve": "CVE-2022-27776", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-27776" }, { "cve": "CVE-2022-27778", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-27778" }, { "cve": "CVE-2022-27779", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-27779" }, { "cve": "CVE-2022-27780", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-27780" }, { "cve": "CVE-2022-27781", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-27781" }, { "cve": "CVE-2022-27782", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-27782" }, { "cve": "CVE-2022-28131", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-28131" }, { "cve": "CVE-2022-28327", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-28327" }, { "cve": "CVE-2022-2879", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-2879" }, { "cve": "CVE-2022-2880", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-2880" }, { "cve": "CVE-2022-29526", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-29526" }, { "cve": "CVE-2022-29804", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-29804" }, { "cve": "CVE-2022-30115", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-30115" }, { "cve": "CVE-2022-30580", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-30580" }, { "cve": "CVE-2022-30629", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-30629" }, { "cve": "CVE-2022-30630", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-30630" }, { "cve": "CVE-2022-30631", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-30631" }, { "cve": "CVE-2022-30632", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-30632" }, { "cve": "CVE-2022-30633", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-30633" }, { "cve": "CVE-2022-30634", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-30634" }, { "cve": "CVE-2022-30635", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-30635" }, { "cve": "CVE-2022-31129", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-31129" }, { "cve": "CVE-2022-3171", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-3171" }, { "cve": "CVE-2022-32148", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-32148" }, { "cve": "CVE-2022-32149", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-32149" }, { "cve": "CVE-2022-32189", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-32189" }, { "cve": "CVE-2022-32205", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-32205" }, { "cve": "CVE-2022-32206", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-32206" }, { "cve": "CVE-2022-32207", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-32207" }, { "cve": "CVE-2022-32208", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-32208" }, { "cve": "CVE-2022-32221", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-32221" }, { "cve": "CVE-2022-33987", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-33987" }, { "cve": "CVE-2022-3509", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-3509" }, { "cve": "CVE-2022-3510", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-3510" }, { "cve": "CVE-2022-3517", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-3517" }, { "cve": "CVE-2022-35252", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-35252" }, { "cve": "CVE-2022-35260", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-35260" }, { "cve": "CVE-2022-35737", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-35737" }, { "cve": "CVE-2022-36227", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-36227" }, { "cve": "CVE-2022-37599", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-37599" }, { "cve": "CVE-2022-37601", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-37601" }, { "cve": "CVE-2022-37603", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-37603" }, { "cve": "CVE-2022-38900", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-38900" }, { "cve": "CVE-2022-40023", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-40023" }, { "cve": "CVE-2022-40897", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-40897" }, { "cve": "CVE-2022-40899", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-40899" }, { "cve": "CVE-2022-41715", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-41715" }, { "cve": "CVE-2022-41716", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-41716" }, { "cve": "CVE-2022-41720", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-41720" }, { "cve": "CVE-2022-41722", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-41722" }, { "cve": "CVE-2022-42003", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-42003" }, { "cve": "CVE-2022-42004", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-42004" }, { "cve": "CVE-2022-42915", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-42915" }, { "cve": "CVE-2022-42916", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-42916" }, { "cve": "CVE-2022-43551", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-43551" }, { "cve": "CVE-2022-43552", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-43552" }, { "cve": "CVE-2022-46175", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2022-46175" }, { "cve": "CVE-2023-23914", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-23914" }, { "cve": "CVE-2023-23915", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-23915" }, { "cve": "CVE-2023-23916", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-23916" }, { "cve": "CVE-2023-24539", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-24539" }, { "cve": "CVE-2023-24540", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-24540" }, { "cve": "CVE-2023-27533", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-27533" }, { "cve": "CVE-2023-27534", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-27534" }, { "cve": "CVE-2023-27535", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-27535" }, { "cve": "CVE-2023-27536", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-27536" }, { "cve": "CVE-2023-27537", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-27537" }, { "cve": "CVE-2023-27538", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-27538" }, { "cve": "CVE-2023-29400", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-29400" }, { "cve": "CVE-2023-29402", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-29402" }, { "cve": "CVE-2023-29403", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-29403" }, { "cve": "CVE-2023-29404", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-29404" }, { "cve": "CVE-2023-29405", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Third Party Packages in Splunk Splunk Enterprise. Diese Fehler existieren unter anderem in den curl, go, decode-uri-Komponente, got, loader-utils, postcss, color-string, glob-parent, minimatch und moment Komponenten. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen nicht spezifizierten Angriff durchzuf\u00fchren." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-29405" }, { "cve": "CVE-2023-40592", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-40592" }, { "cve": "CVE-2023-40593", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-40593" }, { "cve": "CVE-2023-40594", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-40594" }, { "cve": "CVE-2023-40595", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-40595" }, { "cve": "CVE-2023-40596", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-40596" }, { "cve": "CVE-2023-40597", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-40597" }, { "cve": "CVE-2023-40598", "notes": [ { "category": "description", "text": "Es bestehen mehrere Schwachstellen in Splunk Splunk Enterprise. Diese Fehler bestehen in den REST-Endpunkten /app/search/table, /saml/acs, Serialized Session Payload, Dynamic Link Library, runshellscript.py und in den runshellscript-Komponenten sowie in der SPL-Funktion \u0027printf\u0027, u. a. aufgrund eines reflektierten Cross-Site-Scripting (XSS), einer unsachgem\u00e4\u00dfen Signaturvalidierung, einer unsachgem\u00e4\u00dfen Ausdrucksvalidierung und eines Path Traversal. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu verursachen und seine Privilegien zu erweitern." } ], "product_status": { "known_affected": [ "T033720", "T002207", "T008911", "T033718", "T033705", "T004914" ] }, "release_date": "2023-08-30T22:00:00.000+00:00", "title": "CVE-2023-40598" } ] }
wid-sec-w-2023-1295
Vulnerability from csaf_certbund
Published
2023-05-23 22:00
Modified
2023-06-15 22:00
Summary
Red Hat OpenShift: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service zu verursachen.
Betroffene Betriebssysteme
- Linux
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service zu verursachen.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1295 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1295.json" }, { "category": "self", "summary": "WID-SEC-2023-1295 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1295" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:3645 vom 2023-06-16", "url": "https://access.redhat.com/errata/RHSA-2023:3645" }, { "category": "external", "summary": "RedHat Security Advisory vom 2023-05-23", "url": "https://access.redhat.com/errata/RHSA-2023:3265" } ], "source_lang": "en-US", "title": "Red Hat OpenShift: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-06-15T22:00:00.000+00:00", "generator": { "date": "2024-08-15T17:51:23.179+00:00", "engine": { "name": "BSI-WID", "version": "1.3.5" } }, "id": "WID-SEC-W-2023-1295", "initial_release_date": "2023-05-23T22:00:00.000+00:00", "revision_history": [ { "date": "2023-05-23T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-06-15T22:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "category": "product_name", "name": "Red Hat OpenShift Data Foundation 4", "product": { "name": "Red Hat OpenShift Data Foundation 4", "product_id": "T022509", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:container_platform_4" } } } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-24999", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Red Hat OpenShift. Im express.js npm-Paket von nodejs:14 module stream besteht ein Prototyp-Pollution-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen." } ], "product_status": { "known_affected": [ "67646", "T022509" ] }, "release_date": "2023-05-23T22:00:00.000+00:00", "title": "CVE-2022-24999" }, { "cve": "CVE-2022-23539", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Red Hat OpenShift. Bestimmte Versionen der jsonwebtoken-Bibliothek k\u00f6nnen falsch konfiguriert werden, so dass veraltete, unsichere Schl\u00fcsseltypen f\u00fcr die Signaturpr\u00fcfung verwendet werden. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen." } ], "product_status": { "known_affected": [ "67646", "T022509" ] }, "release_date": "2023-05-23T22:00:00.000+00:00", "title": "CVE-2022-23539" } ] }
wid-sec-w-2023-0398
Vulnerability from csaf_certbund
Published
2023-02-15 23:00
Modified
2023-03-22 23:00
Summary
Red Hat Advanced Cluster Management for Kubernetes: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle im Red Hat Advanced Cluster Management for Kubernetes ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle im Red Hat Advanced Cluster Management for Kubernetes ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0398 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0398.json" }, { "category": "self", "summary": "WID-SEC-2023-0398 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0398" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:1428 vom 2023-03-23", "url": "https://access.redhat.com/errata/RHSA-2023:1428" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0930 vom 2023-03-09", "url": "https://access.redhat.com/errata/RHSA-2023:0930" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0932 vom 2023-03-09", "url": "https://access.redhat.com/errata/RHSA-2023:0932" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2023:0934 vom 2023-02-28", "url": "https://access.redhat.com/errata/RHSA-2023:0934" }, { "category": "external", "summary": "Red Hat Security Advisory vom 2023-02-15", "url": "https://access.redhat.com/errata/RHSA-2023:0794" } ], "source_lang": "en-US", "title": "Red Hat Advanced Cluster Management for Kubernetes: Schwachstelle erm\u00f6glicht Denial of Service", "tracking": { "current_release_date": "2023-03-22T23:00:00.000+00:00", "generator": { "date": "2024-08-15T17:43:51.520+00:00", "engine": { "name": "BSI-WID", "version": "1.3.5" } }, "id": "WID-SEC-W-2023-0398", "initial_release_date": "2023-02-15T23:00:00.000+00:00", "revision_history": [ { "date": "2023-02-15T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2023-02-27T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-03-08T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2023-03-22T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von Red Hat aufgenommen" } ], "status": "final", "version": "4" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux 8", "product": { "name": "Red Hat Enterprise Linux 8", "product_id": "T014111", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:8" } } } ], "category": "product_name", "name": "Enterprise Linux" }, { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift 5 Logging Subsystem", "product": { "name": "Red Hat OpenShift 5 Logging Subsystem", "product_id": "T026681", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:5::logging_subsystem" } } }, { "category": "product_name", "name": "Red Hat OpenShift Logging Subsystem 5.6.3", "product": { "name": "Red Hat OpenShift Logging Subsystem 5.6.3", "product_id": "T026683", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:5.6.3::logging_subsystem" } } } ], "category": "product_name", "name": "OpenShift" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-24999", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in Red Hat Enterprise Linux bez\u00fcglich des Advanced Cluster Management for Kubernetes. In der Komponente \"qs\" besteht die Anf\u00e4lligkeit f\u00fcr eine Prototype-Pollution, die zum Absturz des \"Node\"-Prozesses f\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren." } ], "product_status": { "known_affected": [ "T026681", "67646", "T014111", "T026683" ] }, "release_date": "2023-02-15T23:00:00.000+00:00", "title": "CVE-2022-24999" } ] }
ghsa-hrpp-h998-j3pp
Vulnerability from github
Published
2022-11-27 00:30
Modified
2024-02-13 20:35
Severity ?
Summary
qs vulnerable to Prototype Pollution
Details
qs before 6.10.3 allows attackers to cause a Node process hang because an __ proto__
key can be used. In many typical web framework use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b&a[__proto__]&a[length]=100000000
. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4.
{ "affected": [ { "package": { "ecosystem": "npm", "name": "qs" }, "ranges": [ { "events": [ { "introduced": "6.10.0" }, { "fixed": "6.10.3" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "npm", "name": "qs" }, "ranges": [ { "events": [ { "introduced": "6.9.0" }, { "fixed": "6.9.7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "npm", "name": "qs" }, "ranges": [ { "events": [ { "introduced": "6.8.0" }, { "fixed": "6.8.3" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "npm", "name": "qs" }, "ranges": [ { "events": [ { "introduced": "6.7.0" }, { "fixed": "6.7.3" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "npm", "name": "qs" }, "ranges": [ { "events": [ { "introduced": "6.6.0" }, { "fixed": "6.6.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "npm", "name": "qs" }, "ranges": [ { "events": [ { "introduced": "6.5.0" }, { "fixed": "6.5.3" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "npm", "name": "qs" }, "ranges": [ { "events": [ { "introduced": "6.4.0" }, { "fixed": "6.4.1" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "npm", "name": "qs" }, "ranges": [ { "events": [ { "introduced": "6.3.0" }, { "fixed": "6.3.3" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "npm", "name": "qs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "6.2.4" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2022-24999" ], "database_specific": { "cwe_ids": [ "CWE-1321" ], "github_reviewed": true, "github_reviewed_at": "2022-12-06T14:32:46Z", "nvd_published_at": "2022-11-26T22:15:00Z", "severity": "HIGH" }, "details": "qs before 6.10.3 allows attackers to cause a Node process hang because an `__ proto__` key can be used. In many typical web framework use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as `a[__proto__]=b\u0026a[__proto__]\u0026a[length]=100000000`. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4.", "id": "GHSA-hrpp-h998-j3pp", "modified": "2024-02-13T20:35:49Z", "published": "2022-11-27T00:30:50Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "type": "WEB", "url": "https://github.com/ljharb/qs/pull/428" }, { "type": "WEB", "url": "https://github.com/ljharb/qs/commit/4310742efbd8c03f6495f07906b45213da0a32ec" }, { "type": "WEB", "url": "https://github.com/ljharb/qs/commit/727ef5d34605108acb3513f72d5435972ed15b68" }, { "type": "WEB", "url": "https://github.com/ljharb/qs/commit/73205259936317b40f447c5cdb71c5b341848e1b" }, { "type": "WEB", "url": "https://github.com/ljharb/qs/commit/8b4cc14cda94a5c89341b77e5fe435ec6c41be2d" }, { "type": "WEB", "url": "https://github.com/ljharb/qs/commit/ba24e74dd17931f825adb52f5633e48293b584e1" }, { "type": "WEB", "url": "https://github.com/ljharb/qs/commit/e799ba57e573a30c14b67c1889c7c04d508b9105" }, { "type": "WEB", "url": "https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f" }, { "type": "WEB", "url": "https://github.com/ljharb/qs/commit/f945393cfe442fe8c6e62b4156fd35452c0686ee" }, { "type": "WEB", "url": "https://github.com/ljharb/qs/commit/fc3682776670524a42e19709ec4a8138d0d7afda" }, { "type": "WEB", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "type": "PACKAGE", "url": "https://github.com/ljharb/qs" }, { "type": "WEB", "url": "https://github.com/n8tz/CVE-2022-24999" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ], "summary": "qs vulnerable to Prototype Pollution" }
rhsa-2023_0612
Vulnerability from csaf_redhat
Published
2023-02-06 19:42
Modified
2024-12-10 17:42
Summary
Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update
Notes
Topic
An update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: rh-nodejs14-nodejs (14.21.1), rh-nodejs14-nodejs-nodemon (2.0.20). (BZ#2129806, BZ#2135519, BZ#2135520, BZ#2141022)
Security Fix(es):
* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* minimist: prototype pollution (CVE-2021-44906)
* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* rh-nodejs14-nodejs: Provide full-i18n subpackage (BZ#2009880)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: rh-nodejs14-nodejs (14.21.1), rh-nodejs14-nodejs-nodemon (2.0.20). (BZ#2129806, BZ#2135519, BZ#2135520, BZ#2141022)\n\nSecurity Fix(es):\n\n* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n\n* minimist: prototype pollution (CVE-2021-44906)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\n* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* rh-nodejs14-nodejs: Provide full-i18n subpackage (BZ#2009880)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0612", "url": "https://access.redhat.com/errata/RHSA-2023:0612" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2009880", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009880" }, { "category": "external", "summary": "2044591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591" }, { "category": "external", "summary": "2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "2129806", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2129806" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0612.json" } ], "title": "Red Hat Security Advisory: rh-nodejs14-nodejs and rh-nodejs14-nodejs-nodemon security update", "tracking": { "current_release_date": "2024-12-10T17:42:53+00:00", "generator": { "date": "2024-12-10T17:42:53+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2023:0612", "initial_release_date": "2023-02-06T19:42:24+00:00", "revision_history": [ { "date": "2023-02-06T19:42:24+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-02-06T19:42:24+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-10T17:42:53+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Software Collections for RHEL Workstation(v. 7)", "product": { "name": "Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } }, { "category": "product_name", "name": "Red Hat Software Collections for RHEL(v. 7)", "product": { "name": "Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7" } } } ], "category": "product_family", "name": "Red Hat Software Collections" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "product": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "product_id": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-nodemon@2.0.20-2.el7?arch=src" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "product": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "product_id": "rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.21.1-3.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "product": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "product_id": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-nodemon@2.0.20-2.el7?arch=noarch" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "product": { "name": "rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "product_id": "rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-docs@14.21.1-3.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "product": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "product_id": "rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.21.1-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "product": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "product_id": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.21.1-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "product": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "product_id": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-full-i18n@14.21.1-3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "product": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "product_id": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.17-14.21.1.3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "product": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "product_id": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.21.1-3.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "product": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "product_id": "rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.21.1-3.el7?arch=s390x" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "product": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "product_id": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.21.1-3.el7?arch=s390x" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "product": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "product_id": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-full-i18n@14.21.1-3.el7?arch=s390x" } } }, { "category": "product_version", "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "product": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "product_id": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.17-14.21.1.3.el7?arch=s390x" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "product": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "product_id": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.21.1-3.el7?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "product": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "product_id": "rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs@14.21.1-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "product": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "product_id": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-devel@14.21.1-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "product": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "product_id": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-full-i18n@14.21.1-3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "product": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "product_id": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-npm@6.14.17-14.21.1.3.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "product": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "product_id": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/rh-nodejs14-nodejs-debuginfo@14.21.1-3.el7?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.src as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch" }, "product_reference": "rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch" }, "product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src" }, "product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le" }, "product_reference": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x" }, "product_reference": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64 as a component of Red Hat Software Collections for RHEL Workstation(v. 7)", "product_id": "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" }, "product_reference": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "relates_to_product_reference": "7Server-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.src as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch" }, "product_reference": "rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le" }, "product_reference": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x" }, "product_reference": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64" }, "product_reference": "rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch" }, "product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src" }, "product_reference": "rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le" }, "product_reference": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x" }, "product_reference": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "relates_to_product_reference": "7Workstation-RHSCL-3.8" }, { "category": "default_component_of", "full_product_name": { "name": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64 as a component of Red Hat Software Collections for RHEL(v. 7)", "product_id": "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" }, "product_reference": "rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "relates_to_product_reference": "7Workstation-RHSCL-3.8" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-35065", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156324" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "glob-parent: Regular Expression Denial of Service", "title": "Vulnerability summary" }, { "category": "other", "text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35065" }, { "category": "external", "summary": "RHBZ#2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35065" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294", "url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294" } ], "release_date": "2022-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-06T19:42:24+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0612" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "glob-parent: Regular Expression Denial of Service" }, { "cve": "CVE-2021-44906", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2066009" } ], "notes": [ { "category": "description", "text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "minimist: prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44906" }, { "category": "external", "summary": "RHBZ#2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h" } ], "release_date": "2022-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-06T19:42:24+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0612" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "minimist: prototype pollution" }, { "cve": "CVE-2022-0235", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2022-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2044591" } ], "notes": [ { "category": "description", "text": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.", "title": "Vulnerability description" }, { "category": "summary", "text": "node-fetch: exposure of sensitive information to an unauthorized actor", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-0235" }, { "category": "external", "summary": "RHBZ#2044591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-0235", "url": "https://www.cve.org/CVERecord?id=CVE-2022-0235" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235" }, { "category": "external", "summary": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/", "url": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/" } ], "release_date": "2022-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-06T19:42:24+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0612" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "node-fetch: exposure of sensitive information to an unauthorized actor" }, { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-06T19:42:24+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0612" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-06T19:42:24+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0612" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" }, { "cve": "CVE-2022-43548", "cwe": { "id": "CWE-350", "name": "Reliance on Reverse DNS Resolution for a Security-Critical Action" }, "discovery_date": "2022-11-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140911" } ], "notes": [ { "category": "description", "text": "A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: DNS rebinding in inspect via invalid octal IP address", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-43548" }, { "category": "external", "summary": "RHBZ#2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-43548", "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548", "url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-06T19:42:24+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0612" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Server-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Server-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-debuginfo-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-devel-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-docs-0:14.21.1-3.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-full-i18n-0:14.21.1-3.el7.x86_64", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.noarch", "7Workstation-RHSCL-3.8:rh-nodejs14-nodejs-nodemon-0:2.0.20-2.el7.src", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.ppc64le", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.s390x", "7Workstation-RHSCL-3.8:rh-nodejs14-npm-0:6.14.17-14.21.1.3.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: DNS rebinding in inspect via invalid octal IP address" } ] }
rhsa-2023_0050
Vulnerability from csaf_redhat
Published
2023-01-09 14:55
Modified
2024-12-10 17:41
Summary
Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (14.21.1), nodejs-nodemon (2.0.20).
Security Fix(es):
* minimist: prototype pollution (CVE-2021-44906)
* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (14.21.1), nodejs-nodemon (2.0.20).\n\nSecurity Fix(es):\n\n* minimist: prototype pollution (CVE-2021-44906)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\n* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0050", "url": "https://access.redhat.com/errata/RHSA-2023:0050" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2044591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591" }, { "category": "external", "summary": "2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "2142821", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142821" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0050.json" } ], "title": "Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-12-10T17:41:51+00:00", "generator": { "date": "2024-12-10T17:41:51+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2023:0050", "initial_release_date": "2023-01-09T14:55:37+00:00", "revision_history": [ { "date": "2023-01-09T14:55:37+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-01-09T14:55:37+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-10T17:41:51+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs:14:8070020221212161539:bd1311ed", "product": { "name": "nodejs:14:8070020221212161539:bd1311ed", "product_id": "nodejs:14:8070020221212161539:bd1311ed", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/nodejs@14:8070020221212161539:bd1311ed" } } }, { "category": "product_version", "name": "nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "product": { "name": "nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "product_id": "nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "product": { "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "product_id": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_id": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_id": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_id": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_id": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_id": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "product": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "product_id": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.17-1.14.21.1.2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "product": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "product_id": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "product": { "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "product_id": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=src" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_id": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_id": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_id": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_id": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_id": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "product": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "product_id": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.17-1.14.21.1.2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_id": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_id": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_id": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_id": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_id": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "product": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "product_id": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.17-1.14.21.1.2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_id": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_id": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_id": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_id": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_id": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.1-2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64", "product": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64", "product_id": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.17-1.14.21.1.2.module%2Bel8.7.0%2B17528%2Ba329cd47?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, "product_reference": "nodejs:14:8070020221212161539:bd1311ed", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64" }, "product_reference": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le" }, "product_reference": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x" }, "product_reference": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src" }, "product_reference": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64" }, "product_reference": "nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64" }, "product_reference": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le" }, "product_reference": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x" }, "product_reference": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64" }, "product_reference": "nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64" }, "product_reference": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le" }, "product_reference": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x" }, "product_reference": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64" }, "product_reference": "nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64" }, "product_reference": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le" }, "product_reference": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x" }, "product_reference": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64" }, "product_reference": "nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch" }, "product_reference": "nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64" }, "product_reference": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le" }, "product_reference": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x" }, "product_reference": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64" }, "product_reference": "nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src" }, "product_reference": "nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64" }, "product_reference": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le" }, "product_reference": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x" }, "product_reference": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64 as a component of nodejs:14:8070020221212161539:bd1311ed as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" }, "product_reference": "npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64", "relates_to_product_reference": "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-44906", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2066009" } ], "notes": [ { "category": "description", "text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "minimist: prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44906" }, { "category": "external", "summary": "RHBZ#2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h" } ], "release_date": "2022-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-09T14:55:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "minimist: prototype pollution" }, { "cve": "CVE-2022-0235", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2022-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2044591" } ], "notes": [ { "category": "description", "text": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.", "title": "Vulnerability description" }, { "category": "summary", "text": "node-fetch: exposure of sensitive information to an unauthorized actor", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-0235" }, { "category": "external", "summary": "RHBZ#2044591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-0235", "url": "https://www.cve.org/CVERecord?id=CVE-2022-0235" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235" }, { "category": "external", "summary": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/", "url": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/" } ], "release_date": "2022-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-09T14:55:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "node-fetch: exposure of sensitive information to an unauthorized actor" }, { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-09T14:55:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-09T14:55:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" }, { "cve": "CVE-2022-43548", "cwe": { "id": "CWE-350", "name": "Reliance on Reverse DNS Resolution for a Security-Critical Action" }, "discovery_date": "2022-11-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140911" } ], "notes": [ { "category": "description", "text": "A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: DNS rebinding in inspect via invalid octal IP address", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-43548" }, { "category": "external", "summary": "RHBZ#2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-43548", "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548", "url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-01-09T14:55:37+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0050" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debuginfo-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-debugsource-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-devel-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-docs-1:14.21.1-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-full-i18n-1:14.21.1-2.module+el8.7.0+17528+a329cd47.x86_64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-nodemon-0:2.0.20-2.module+el8.7.0+17528+a329cd47.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.aarch64", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.ppc64le", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.s390x", "AppStream-8.7.0.Z.MAIN:nodejs:14:8070020221212161539:bd1311ed:npm-1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: DNS rebinding in inspect via invalid octal IP address" } ] }
rhsa-2023_0930
Vulnerability from csaf_redhat
Published
2023-03-08 15:35
Modified
2024-12-10 17:44
Summary
Red Hat Security Advisory: Logging Subsystem 5.5.8 - Red Hat OpenShift
Notes
Topic
Logging Subsystem 5.5.8 - Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Logging Subsystem 5.5.8 - Red Hat OpenShift
Security Fix(es):
* express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
* golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Logging Subsystem 5.5.8 - Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Logging Subsystem 5.5.8 - Red Hat OpenShift\n\nSecurity Fix(es):\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\n* golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0930", "url": "https://access.redhat.com/errata/RHSA-2023:0930" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "2161274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274" }, { "category": "external", "summary": "LOG-3630", "url": "https://issues.redhat.com/browse/LOG-3630" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0930.json" } ], "title": "Red Hat Security Advisory: Logging Subsystem 5.5.8 - Red Hat OpenShift", "tracking": { "current_release_date": "2024-12-10T17:44:34+00:00", "generator": { "date": "2024-12-10T17:44:34+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2023:0930", "initial_release_date": "2023-03-08T15:35:11+00:00", "revision_history": [ { "date": "2023-03-08T15:35:11+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-08T15:35:11+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-10T17:44:34+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHOL 5.5 for RHEL 8", "product": { "name": "RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5", "product_identification_helper": { "cpe": "cpe:/a:redhat:logging:5.5::el8" } } } ], "category": "product_family", "name": "logging for Red Hat OpenShift" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:308bf7bffef3c969bb8d2bf02d516bf50a90f56fc700ae97d41bf3083ddc4f53_ppc64le", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:308bf7bffef3c969bb8d2bf02d516bf50a90f56fc700ae97d41bf3083ddc4f53_ppc64le", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:308bf7bffef3c969bb8d2bf02d516bf50a90f56fc700ae97d41bf3083ddc4f53_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:308bf7bffef3c969bb8d2bf02d516bf50a90f56fc700ae97d41bf3083ddc4f53?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.5.8-4" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6c2fce66b366d763f3a9c5242eba1604e19be44be45547748aab969d50559dec_ppc64le", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6c2fce66b366d763f3a9c5242eba1604e19be44be45547748aab969d50559dec_ppc64le", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:6c2fce66b366d763f3a9c5242eba1604e19be44be45547748aab969d50559dec_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:6c2fce66b366d763f3a9c5242eba1604e19be44be45547748aab969d50559dec?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.5.8-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:d7575d0b9379fe3c69b0b8ea76bfd497dc2767acdd6f7c35550be08cc474fb29_ppc64le", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:d7575d0b9379fe3c69b0b8ea76bfd497dc2767acdd6f7c35550be08cc474fb29_ppc64le", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:d7575d0b9379fe3c69b0b8ea76bfd497dc2767acdd6f7c35550be08cc474fb29_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:d7575d0b9379fe3c69b0b8ea76bfd497dc2767acdd6f7c35550be08cc474fb29?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-341" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:f94785be16f1a0ce3fc41a081dfd8925c51290ae9206a101bdb98a051209c69c_ppc64le", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:f94785be16f1a0ce3fc41a081dfd8925c51290ae9206a101bdb98a051209c69c_ppc64le", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:f94785be16f1a0ce3fc41a081dfd8925c51290ae9206a101bdb98a051209c69c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:f94785be16f1a0ce3fc41a081dfd8925c51290ae9206a101bdb98a051209c69c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-106" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:28a7b04ec5810ec7b7dcd3c233edb96ca324905e82ecabdadf551e616b7da05c_ppc64le", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:28a7b04ec5810ec7b7dcd3c233edb96ca324905e82ecabdadf551e616b7da05c_ppc64le", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:28a7b04ec5810ec7b7dcd3c233edb96ca324905e82ecabdadf551e616b7da05c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:28a7b04ec5810ec7b7dcd3c233edb96ca324905e82ecabdadf551e616b7da05c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-307" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:3776dde25b75ec53b1172d175dcf00a8856e2fb97a9971047202b5cc0efb51be_ppc64le", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:3776dde25b75ec53b1172d175dcf00a8856e2fb97a9971047202b5cc0efb51be_ppc64le", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:3776dde25b75ec53b1172d175dcf00a8856e2fb97a9971047202b5cc0efb51be_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:3776dde25b75ec53b1172d175dcf00a8856e2fb97a9971047202b5cc0efb51be?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-299" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:364a0aeb3fbe41cb4563abe282eea246815996cee862a472090e3e2a3fb2b877_ppc64le", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:364a0aeb3fbe41cb4563abe282eea246815996cee862a472090e3e2a3fb2b877_ppc64le", "product_id": "openshift-logging/eventrouter-rhel8@sha256:364a0aeb3fbe41cb4563abe282eea246815996cee862a472090e3e2a3fb2b877_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:364a0aeb3fbe41cb4563abe282eea246815996cee862a472090e3e2a3fb2b877?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-93" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:c440a0e7ce359b7c7649c7522540689c831c48f51407594a6bf4b0776ff3d104_ppc64le", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:c440a0e7ce359b7c7649c7522540689c831c48f51407594a6bf4b0776ff3d104_ppc64le", "product_id": "openshift-logging/fluentd-rhel8@sha256:c440a0e7ce359b7c7649c7522540689c831c48f51407594a6bf4b0776ff3d104_ppc64le", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:c440a0e7ce359b7c7649c7522540689c831c48f51407594a6bf4b0776ff3d104?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-89" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:7857d67e9f47c9caba32bd73271fcbfafd00047ea97956f065a39ba8782d44a3_ppc64le", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:7857d67e9f47c9caba32bd73271fcbfafd00047ea97956f065a39ba8782d44a3_ppc64le", "product_id": "openshift-logging/kibana6-rhel8@sha256:7857d67e9f47c9caba32bd73271fcbfafd00047ea97956f065a39ba8782d44a3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:7857d67e9f47c9caba32bd73271fcbfafd00047ea97956f065a39ba8782d44a3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-336" } } }, { "category": "product_version", "name": "openshift-logging/logging-loki-rhel8@sha256:951a8f3db7b38894f8276375bbb5bd5651652b4c550c27dea6140efe40026d2f_ppc64le", "product": { "name": "openshift-logging/logging-loki-rhel8@sha256:951a8f3db7b38894f8276375bbb5bd5651652b4c550c27dea6140efe40026d2f_ppc64le", "product_id": "openshift-logging/logging-loki-rhel8@sha256:951a8f3db7b38894f8276375bbb5bd5651652b4c550c27dea6140efe40026d2f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-loki-rhel8@sha256:951a8f3db7b38894f8276375bbb5bd5651652b4c550c27dea6140efe40026d2f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.6.1-29" } } }, { "category": "product_version", "name": "openshift-logging/vector-rhel8@sha256:21ee0003cd6ac6035cbb9d88cf9f524681080b1198c687c49055d6cbec6ce0a6_ppc64le", "product": { "name": "openshift-logging/vector-rhel8@sha256:21ee0003cd6ac6035cbb9d88cf9f524681080b1198c687c49055d6cbec6ce0a6_ppc64le", "product_id": "openshift-logging/vector-rhel8@sha256:21ee0003cd6ac6035cbb9d88cf9f524681080b1198c687c49055d6cbec6ce0a6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/vector-rhel8@sha256:21ee0003cd6ac6035cbb9d88cf9f524681080b1198c687c49055d6cbec6ce0a6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-58" } } }, { "category": "product_version", "name": "openshift-logging/logging-view-plugin-rhel8@sha256:c66c39c2e4df1c15daa82119fbfa3c16d67b0e730ca39db675b69c6a93fa6c5b_ppc64le", "product": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:c66c39c2e4df1c15daa82119fbfa3c16d67b0e730ca39db675b69c6a93fa6c5b_ppc64le", "product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:c66c39c2e4df1c15daa82119fbfa3c16d67b0e730ca39db675b69c6a93fa6c5b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-view-plugin-rhel8@sha256:c66c39c2e4df1c15daa82119fbfa3c16d67b0e730ca39db675b69c6a93fa6c5b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.5.8-3" } } }, { "category": "product_version", "name": "openshift-logging/loki-rhel8-operator@sha256:839dacd7f0ca3405440741d2c575ca4cfe6e4307e34f4669eca938edd176c25d_ppc64le", "product": { "name": "openshift-logging/loki-rhel8-operator@sha256:839dacd7f0ca3405440741d2c575ca4cfe6e4307e34f4669eca938edd176c25d_ppc64le", "product_id": "openshift-logging/loki-rhel8-operator@sha256:839dacd7f0ca3405440741d2c575ca4cfe6e4307e34f4669eca938edd176c25d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/loki-rhel8-operator@sha256:839dacd7f0ca3405440741d2c575ca4cfe6e4307e34f4669eca938edd176c25d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.5.8-3" } } }, { "category": "product_version", "name": "openshift-logging/lokistack-gateway-rhel8@sha256:6f01a9f6e2390138b673feadd1cebd2a88e0149436093389b6a177bc0bc20e71_ppc64le", "product": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:6f01a9f6e2390138b673feadd1cebd2a88e0149436093389b6a177bc0bc20e71_ppc64le", "product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:6f01a9f6e2390138b673feadd1cebd2a88e0149436093389b6a177bc0bc20e71_ppc64le", "product_identification_helper": { "purl": "pkg:oci/lokistack-gateway-rhel8@sha256:6f01a9f6e2390138b673feadd1cebd2a88e0149436093389b6a177bc0bc20e71?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-161" } } }, { "category": "product_version", "name": "openshift-logging/opa-openshift-rhel8@sha256:e11def073dcc8448c4c0f8bbb2c8f8a6b309a4199990d2c98a6b4092d2cf8d80_ppc64le", "product": { "name": "openshift-logging/opa-openshift-rhel8@sha256:e11def073dcc8448c4c0f8bbb2c8f8a6b309a4199990d2c98a6b4092d2cf8d80_ppc64le", "product_id": "openshift-logging/opa-openshift-rhel8@sha256:e11def073dcc8448c4c0f8bbb2c8f8a6b309a4199990d2c98a6b4092d2cf8d80_ppc64le", "product_identification_helper": { "purl": "pkg:oci/opa-openshift-rhel8@sha256:e11def073dcc8448c4c0f8bbb2c8f8a6b309a4199990d2c98a6b4092d2cf8d80?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-51" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:fef2924d6f8df4c405b474cd3d438ce8252f259c3803aeca37b6f994ceba3f5f_arm64", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:fef2924d6f8df4c405b474cd3d438ce8252f259c3803aeca37b6f994ceba3f5f_arm64", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:fef2924d6f8df4c405b474cd3d438ce8252f259c3803aeca37b6f994ceba3f5f_arm64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:fef2924d6f8df4c405b474cd3d438ce8252f259c3803aeca37b6f994ceba3f5f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.5.8-4" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:05e660bed7bf8c3bb0c0cec2f377f1cd7da6a2619fd51d89b13afc839e6e34ad_arm64", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:05e660bed7bf8c3bb0c0cec2f377f1cd7da6a2619fd51d89b13afc839e6e34ad_arm64", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:05e660bed7bf8c3bb0c0cec2f377f1cd7da6a2619fd51d89b13afc839e6e34ad_arm64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:05e660bed7bf8c3bb0c0cec2f377f1cd7da6a2619fd51d89b13afc839e6e34ad?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.5.8-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0599ae2e322dafeef0293ccb97feb4a0a7778575143a6dda3a06bdb490f179e3_arm64", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0599ae2e322dafeef0293ccb97feb4a0a7778575143a6dda3a06bdb490f179e3_arm64", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0599ae2e322dafeef0293ccb97feb4a0a7778575143a6dda3a06bdb490f179e3_arm64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:0599ae2e322dafeef0293ccb97feb4a0a7778575143a6dda3a06bdb490f179e3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-341" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:3a0993b049b4556d2011abfdb05bd61cfe6855b4ca444ee992fe58e25b31581f_arm64", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:3a0993b049b4556d2011abfdb05bd61cfe6855b4ca444ee992fe58e25b31581f_arm64", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:3a0993b049b4556d2011abfdb05bd61cfe6855b4ca444ee992fe58e25b31581f_arm64", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:3a0993b049b4556d2011abfdb05bd61cfe6855b4ca444ee992fe58e25b31581f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-106" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:72e0218c73cd271d6aeb395a25f5ea7956daeae7c635fc04c7e6d27c2eb5e181_arm64", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:72e0218c73cd271d6aeb395a25f5ea7956daeae7c635fc04c7e6d27c2eb5e181_arm64", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:72e0218c73cd271d6aeb395a25f5ea7956daeae7c635fc04c7e6d27c2eb5e181_arm64", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:72e0218c73cd271d6aeb395a25f5ea7956daeae7c635fc04c7e6d27c2eb5e181?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-307" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:ac76f4d5a07431295a760ea4892f8c6704de1a4d9959ea79568abd33c6f16550_arm64", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:ac76f4d5a07431295a760ea4892f8c6704de1a4d9959ea79568abd33c6f16550_arm64", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:ac76f4d5a07431295a760ea4892f8c6704de1a4d9959ea79568abd33c6f16550_arm64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:ac76f4d5a07431295a760ea4892f8c6704de1a4d9959ea79568abd33c6f16550?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-299" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:48b65412b9d438362cfa492eeca2130f87997e22630668ff2b1b1c5a831ebe6e_arm64", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:48b65412b9d438362cfa492eeca2130f87997e22630668ff2b1b1c5a831ebe6e_arm64", "product_id": "openshift-logging/eventrouter-rhel8@sha256:48b65412b9d438362cfa492eeca2130f87997e22630668ff2b1b1c5a831ebe6e_arm64", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:48b65412b9d438362cfa492eeca2130f87997e22630668ff2b1b1c5a831ebe6e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-93" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:0e831cf4a68dcb115710ae1996043ea2ce22849e55bc214e0bafb616fe8ed497_arm64", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:0e831cf4a68dcb115710ae1996043ea2ce22849e55bc214e0bafb616fe8ed497_arm64", "product_id": "openshift-logging/fluentd-rhel8@sha256:0e831cf4a68dcb115710ae1996043ea2ce22849e55bc214e0bafb616fe8ed497_arm64", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:0e831cf4a68dcb115710ae1996043ea2ce22849e55bc214e0bafb616fe8ed497?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-89" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:a40fd7ced648e328d9e122ea1239816e26744a2289b560c636461a737f814199_arm64", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:a40fd7ced648e328d9e122ea1239816e26744a2289b560c636461a737f814199_arm64", "product_id": "openshift-logging/kibana6-rhel8@sha256:a40fd7ced648e328d9e122ea1239816e26744a2289b560c636461a737f814199_arm64", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:a40fd7ced648e328d9e122ea1239816e26744a2289b560c636461a737f814199?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-336" } } }, { "category": "product_version", "name": "openshift-logging/logging-loki-rhel8@sha256:c1bab2bb325a89d3e4fc339f95442a823d952596f80e9e756778d00982ff4e65_arm64", "product": { "name": "openshift-logging/logging-loki-rhel8@sha256:c1bab2bb325a89d3e4fc339f95442a823d952596f80e9e756778d00982ff4e65_arm64", "product_id": "openshift-logging/logging-loki-rhel8@sha256:c1bab2bb325a89d3e4fc339f95442a823d952596f80e9e756778d00982ff4e65_arm64", "product_identification_helper": { "purl": "pkg:oci/logging-loki-rhel8@sha256:c1bab2bb325a89d3e4fc339f95442a823d952596f80e9e756778d00982ff4e65?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.6.1-29" } } }, { "category": "product_version", "name": "openshift-logging/vector-rhel8@sha256:f5bcf8df21f81154708c975272975fb5bc3f29764eccf6c39c79f1aede39fbe2_arm64", "product": { "name": "openshift-logging/vector-rhel8@sha256:f5bcf8df21f81154708c975272975fb5bc3f29764eccf6c39c79f1aede39fbe2_arm64", "product_id": "openshift-logging/vector-rhel8@sha256:f5bcf8df21f81154708c975272975fb5bc3f29764eccf6c39c79f1aede39fbe2_arm64", "product_identification_helper": { "purl": "pkg:oci/vector-rhel8@sha256:f5bcf8df21f81154708c975272975fb5bc3f29764eccf6c39c79f1aede39fbe2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-58" } } }, { "category": "product_version", "name": "openshift-logging/logging-view-plugin-rhel8@sha256:e6d7f327bdd8973037fdee50f91c12731ecb39c26dc20a164551e4396f56c218_arm64", "product": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:e6d7f327bdd8973037fdee50f91c12731ecb39c26dc20a164551e4396f56c218_arm64", "product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:e6d7f327bdd8973037fdee50f91c12731ecb39c26dc20a164551e4396f56c218_arm64", "product_identification_helper": { "purl": "pkg:oci/logging-view-plugin-rhel8@sha256:e6d7f327bdd8973037fdee50f91c12731ecb39c26dc20a164551e4396f56c218?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.5.8-3" } } }, { "category": "product_version", "name": "openshift-logging/loki-rhel8-operator@sha256:c21acce895095222da9bd3bc1885b8baa70f77aed5cb88d902fd164f54975578_arm64", "product": { "name": "openshift-logging/loki-rhel8-operator@sha256:c21acce895095222da9bd3bc1885b8baa70f77aed5cb88d902fd164f54975578_arm64", "product_id": "openshift-logging/loki-rhel8-operator@sha256:c21acce895095222da9bd3bc1885b8baa70f77aed5cb88d902fd164f54975578_arm64", "product_identification_helper": { "purl": "pkg:oci/loki-rhel8-operator@sha256:c21acce895095222da9bd3bc1885b8baa70f77aed5cb88d902fd164f54975578?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.5.8-3" } } }, { "category": "product_version", "name": "openshift-logging/lokistack-gateway-rhel8@sha256:01a25a9b81000a99b3c473d9f2a93c27a7a6f8919d062bc615f78f9f7deb1024_arm64", "product": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:01a25a9b81000a99b3c473d9f2a93c27a7a6f8919d062bc615f78f9f7deb1024_arm64", "product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:01a25a9b81000a99b3c473d9f2a93c27a7a6f8919d062bc615f78f9f7deb1024_arm64", "product_identification_helper": { "purl": "pkg:oci/lokistack-gateway-rhel8@sha256:01a25a9b81000a99b3c473d9f2a93c27a7a6f8919d062bc615f78f9f7deb1024?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-161" } } }, { "category": "product_version", "name": "openshift-logging/opa-openshift-rhel8@sha256:9ae4b704b6326b14892f560168b2d5ce29f615360aab537b939c2ef00ef0933c_arm64", "product": { "name": "openshift-logging/opa-openshift-rhel8@sha256:9ae4b704b6326b14892f560168b2d5ce29f615360aab537b939c2ef00ef0933c_arm64", "product_id": "openshift-logging/opa-openshift-rhel8@sha256:9ae4b704b6326b14892f560168b2d5ce29f615360aab537b939c2ef00ef0933c_arm64", "product_identification_helper": { "purl": "pkg:oci/opa-openshift-rhel8@sha256:9ae4b704b6326b14892f560168b2d5ce29f615360aab537b939c2ef00ef0933c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-51" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:04d9b4e5635da41abb5abc5cab94ba8adc9ef974f0f2a8d0bd75aae8c4faf077_amd64", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:04d9b4e5635da41abb5abc5cab94ba8adc9ef974f0f2a8d0bd75aae8c4faf077_amd64", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:04d9b4e5635da41abb5abc5cab94ba8adc9ef974f0f2a8d0bd75aae8c4faf077_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:04d9b4e5635da41abb5abc5cab94ba8adc9ef974f0f2a8d0bd75aae8c4faf077?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.5.8-4" } } }, { "category": "product_version", "name": "openshift-logging/cluster-logging-operator-bundle@sha256:37b6ad91114effd11b2701ccb89955bc53e124f48f16c84ffa0762e650203074_amd64", "product": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:37b6ad91114effd11b2701ccb89955bc53e124f48f16c84ffa0762e650203074_amd64", "product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:37b6ad91114effd11b2701ccb89955bc53e124f48f16c84ffa0762e650203074_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-operator-bundle@sha256:37b6ad91114effd11b2701ccb89955bc53e124f48f16c84ffa0762e650203074?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.5.8-29" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:71273bfac1b8d72f81e863681f329b2c834ac3b9b7797cccbf6ffb23efad8b0f_amd64", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:71273bfac1b8d72f81e863681f329b2c834ac3b9b7797cccbf6ffb23efad8b0f_amd64", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:71273bfac1b8d72f81e863681f329b2c834ac3b9b7797cccbf6ffb23efad8b0f_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:71273bfac1b8d72f81e863681f329b2c834ac3b9b7797cccbf6ffb23efad8b0f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.5.8-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-operator-bundle@sha256:f6af35418dc282c51902b462c03a6fe62d38d0ec83b9fd7c95cee754377b24af_amd64", "product": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:f6af35418dc282c51902b462c03a6fe62d38d0ec83b9fd7c95cee754377b24af_amd64", "product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:f6af35418dc282c51902b462c03a6fe62d38d0ec83b9fd7c95cee754377b24af_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-operator-bundle@sha256:f6af35418dc282c51902b462c03a6fe62d38d0ec83b9fd7c95cee754377b24af?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.5.8-38" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a06d622a0e554353edbe29e46075f6ff383cb5bb008cd21521a0f3b4834a264a_amd64", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a06d622a0e554353edbe29e46075f6ff383cb5bb008cd21521a0f3b4834a264a_amd64", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a06d622a0e554353edbe29e46075f6ff383cb5bb008cd21521a0f3b4834a264a_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:a06d622a0e554353edbe29e46075f6ff383cb5bb008cd21521a0f3b4834a264a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-341" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d46966247189f43bf33cc82b937a59cdfcf10504ff8050119385bf63e7d81e34_amd64", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d46966247189f43bf33cc82b937a59cdfcf10504ff8050119385bf63e7d81e34_amd64", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d46966247189f43bf33cc82b937a59cdfcf10504ff8050119385bf63e7d81e34_amd64", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:d46966247189f43bf33cc82b937a59cdfcf10504ff8050119385bf63e7d81e34?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-106" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:9169b406ff5e87edbe9243a568638bcc8d342ca685186bce6f6964cf5fa8785f_amd64", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:9169b406ff5e87edbe9243a568638bcc8d342ca685186bce6f6964cf5fa8785f_amd64", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:9169b406ff5e87edbe9243a568638bcc8d342ca685186bce6f6964cf5fa8785f_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:9169b406ff5e87edbe9243a568638bcc8d342ca685186bce6f6964cf5fa8785f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-307" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:f4565e374f73d72f720e571742ba6598ab4499fa0cca17cf3fa3078d0b9a6f37_amd64", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:f4565e374f73d72f720e571742ba6598ab4499fa0cca17cf3fa3078d0b9a6f37_amd64", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:f4565e374f73d72f720e571742ba6598ab4499fa0cca17cf3fa3078d0b9a6f37_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:f4565e374f73d72f720e571742ba6598ab4499fa0cca17cf3fa3078d0b9a6f37?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-299" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:b12aaab8e5ef6ec47539183283161348f314d05f56de672d34a6df576da905c8_amd64", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:b12aaab8e5ef6ec47539183283161348f314d05f56de672d34a6df576da905c8_amd64", "product_id": "openshift-logging/eventrouter-rhel8@sha256:b12aaab8e5ef6ec47539183283161348f314d05f56de672d34a6df576da905c8_amd64", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:b12aaab8e5ef6ec47539183283161348f314d05f56de672d34a6df576da905c8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-93" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:0181f1dc2089fd0bd3ab9f22ea399a1750c6e5657bacefc4226ac3ea59debd44_amd64", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:0181f1dc2089fd0bd3ab9f22ea399a1750c6e5657bacefc4226ac3ea59debd44_amd64", "product_id": "openshift-logging/fluentd-rhel8@sha256:0181f1dc2089fd0bd3ab9f22ea399a1750c6e5657bacefc4226ac3ea59debd44_amd64", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:0181f1dc2089fd0bd3ab9f22ea399a1750c6e5657bacefc4226ac3ea59debd44?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-89" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:eaa0831f379fbe5d0263113dad7b0d6c13b117d43126ac489d253338f881b6c8_amd64", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:eaa0831f379fbe5d0263113dad7b0d6c13b117d43126ac489d253338f881b6c8_amd64", "product_id": "openshift-logging/kibana6-rhel8@sha256:eaa0831f379fbe5d0263113dad7b0d6c13b117d43126ac489d253338f881b6c8_amd64", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:eaa0831f379fbe5d0263113dad7b0d6c13b117d43126ac489d253338f881b6c8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-336" } } }, { "category": "product_version", "name": "openshift-logging/logging-loki-rhel8@sha256:287c2fdcf4be7c80d4ebf4bce0ac3ea1762ab35ca674f74db088c3f61ac232c1_amd64", "product": { "name": "openshift-logging/logging-loki-rhel8@sha256:287c2fdcf4be7c80d4ebf4bce0ac3ea1762ab35ca674f74db088c3f61ac232c1_amd64", "product_id": "openshift-logging/logging-loki-rhel8@sha256:287c2fdcf4be7c80d4ebf4bce0ac3ea1762ab35ca674f74db088c3f61ac232c1_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-loki-rhel8@sha256:287c2fdcf4be7c80d4ebf4bce0ac3ea1762ab35ca674f74db088c3f61ac232c1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.6.1-29" } } }, { "category": "product_version", "name": "openshift-logging/vector-rhel8@sha256:25d0bb74c765fe7a5255da943a39121daac2dd93240efa932ed52fce0860101b_amd64", "product": { "name": "openshift-logging/vector-rhel8@sha256:25d0bb74c765fe7a5255da943a39121daac2dd93240efa932ed52fce0860101b_amd64", "product_id": "openshift-logging/vector-rhel8@sha256:25d0bb74c765fe7a5255da943a39121daac2dd93240efa932ed52fce0860101b_amd64", "product_identification_helper": { "purl": "pkg:oci/vector-rhel8@sha256:25d0bb74c765fe7a5255da943a39121daac2dd93240efa932ed52fce0860101b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-58" } } }, { "category": "product_version", "name": "openshift-logging/logging-view-plugin-rhel8@sha256:4c19d67d3c3f58b6050971dbc1ca850d72bbc6fef857be4f69a6db8a9a19e3ef_amd64", "product": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:4c19d67d3c3f58b6050971dbc1ca850d72bbc6fef857be4f69a6db8a9a19e3ef_amd64", "product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:4c19d67d3c3f58b6050971dbc1ca850d72bbc6fef857be4f69a6db8a9a19e3ef_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-view-plugin-rhel8@sha256:4c19d67d3c3f58b6050971dbc1ca850d72bbc6fef857be4f69a6db8a9a19e3ef?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.5.8-3" } } }, { "category": "product_version", "name": "openshift-logging/loki-operator-bundle@sha256:2791b01acab311ef2386228772751c7702e1139e6db26f76be190ab3e79a3d38_amd64", "product": { "name": "openshift-logging/loki-operator-bundle@sha256:2791b01acab311ef2386228772751c7702e1139e6db26f76be190ab3e79a3d38_amd64", "product_id": "openshift-logging/loki-operator-bundle@sha256:2791b01acab311ef2386228772751c7702e1139e6db26f76be190ab3e79a3d38_amd64", "product_identification_helper": { "purl": "pkg:oci/loki-operator-bundle@sha256:2791b01acab311ef2386228772751c7702e1139e6db26f76be190ab3e79a3d38?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.5.8-44" } } }, { "category": "product_version", "name": "openshift-logging/loki-rhel8-operator@sha256:56d66398e41804fbebe5ba0ba78d9d32c5d0b22d4962e0cd9de7648adc78e7d5_amd64", "product": { "name": "openshift-logging/loki-rhel8-operator@sha256:56d66398e41804fbebe5ba0ba78d9d32c5d0b22d4962e0cd9de7648adc78e7d5_amd64", "product_id": "openshift-logging/loki-rhel8-operator@sha256:56d66398e41804fbebe5ba0ba78d9d32c5d0b22d4962e0cd9de7648adc78e7d5_amd64", "product_identification_helper": { "purl": "pkg:oci/loki-rhel8-operator@sha256:56d66398e41804fbebe5ba0ba78d9d32c5d0b22d4962e0cd9de7648adc78e7d5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.5.8-3" } } }, { "category": "product_version", "name": "openshift-logging/lokistack-gateway-rhel8@sha256:6b3400f180c5a5ef95b5f5a933b8bfb0ef570c554985d700e4e10bbf876dd192_amd64", "product": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:6b3400f180c5a5ef95b5f5a933b8bfb0ef570c554985d700e4e10bbf876dd192_amd64", "product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:6b3400f180c5a5ef95b5f5a933b8bfb0ef570c554985d700e4e10bbf876dd192_amd64", "product_identification_helper": { "purl": "pkg:oci/lokistack-gateway-rhel8@sha256:6b3400f180c5a5ef95b5f5a933b8bfb0ef570c554985d700e4e10bbf876dd192?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-161" } } }, { "category": "product_version", "name": "openshift-logging/opa-openshift-rhel8@sha256:2e02678af3c1fae869742bae38403aa676ccdbec6fce43720be3c33399bfe965_amd64", "product": { "name": "openshift-logging/opa-openshift-rhel8@sha256:2e02678af3c1fae869742bae38403aa676ccdbec6fce43720be3c33399bfe965_amd64", "product_id": "openshift-logging/opa-openshift-rhel8@sha256:2e02678af3c1fae869742bae38403aa676ccdbec6fce43720be3c33399bfe965_amd64", "product_identification_helper": { "purl": "pkg:oci/opa-openshift-rhel8@sha256:2e02678af3c1fae869742bae38403aa676ccdbec6fce43720be3c33399bfe965?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-51" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:7333f1d60445adac0776fa4362ac2c5212faafe26d15da1e5f9b8fd3908cdf74_s390x", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:7333f1d60445adac0776fa4362ac2c5212faafe26d15da1e5f9b8fd3908cdf74_s390x", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:7333f1d60445adac0776fa4362ac2c5212faafe26d15da1e5f9b8fd3908cdf74_s390x", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:7333f1d60445adac0776fa4362ac2c5212faafe26d15da1e5f9b8fd3908cdf74?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.5.8-4" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1f72b33596d3a4fa61843ecfa59b70f68042df7c7fb8f367ac7d1983d19877da_s390x", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1f72b33596d3a4fa61843ecfa59b70f68042df7c7fb8f367ac7d1983d19877da_s390x", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:1f72b33596d3a4fa61843ecfa59b70f68042df7c7fb8f367ac7d1983d19877da_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:1f72b33596d3a4fa61843ecfa59b70f68042df7c7fb8f367ac7d1983d19877da?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.5.8-3" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fd1a319ecd675325f297dcb670f83ae809d82beddc10f99649b7fed05b32b3eb_s390x", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fd1a319ecd675325f297dcb670f83ae809d82beddc10f99649b7fed05b32b3eb_s390x", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fd1a319ecd675325f297dcb670f83ae809d82beddc10f99649b7fed05b32b3eb_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:fd1a319ecd675325f297dcb670f83ae809d82beddc10f99649b7fed05b32b3eb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-341" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce5bd75e7e188877599222ac77ab7093fec0409cebd2bc379744830861d82ebf_s390x", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce5bd75e7e188877599222ac77ab7093fec0409cebd2bc379744830861d82ebf_s390x", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce5bd75e7e188877599222ac77ab7093fec0409cebd2bc379744830861d82ebf_s390x", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:ce5bd75e7e188877599222ac77ab7093fec0409cebd2bc379744830861d82ebf?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-106" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:f6ec36b684176d59d688b3f2beb22caaaa7cf1781161d9f9c76c106ac56f9d46_s390x", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:f6ec36b684176d59d688b3f2beb22caaaa7cf1781161d9f9c76c106ac56f9d46_s390x", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:f6ec36b684176d59d688b3f2beb22caaaa7cf1781161d9f9c76c106ac56f9d46_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:f6ec36b684176d59d688b3f2beb22caaaa7cf1781161d9f9c76c106ac56f9d46?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-307" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:08808e86c1c4a6f1e64800760b3ea3b93d90a3215de920fddcadb7a5b29fb82e_s390x", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:08808e86c1c4a6f1e64800760b3ea3b93d90a3215de920fddcadb7a5b29fb82e_s390x", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:08808e86c1c4a6f1e64800760b3ea3b93d90a3215de920fddcadb7a5b29fb82e_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:08808e86c1c4a6f1e64800760b3ea3b93d90a3215de920fddcadb7a5b29fb82e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-299" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:378d1d80a68f0c18800706a1d35e7808e7215914e8ae19890e35d4387481c078_s390x", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:378d1d80a68f0c18800706a1d35e7808e7215914e8ae19890e35d4387481c078_s390x", "product_id": "openshift-logging/eventrouter-rhel8@sha256:378d1d80a68f0c18800706a1d35e7808e7215914e8ae19890e35d4387481c078_s390x", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:378d1d80a68f0c18800706a1d35e7808e7215914e8ae19890e35d4387481c078?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-93" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:6b503da1639b35cab5ff76bd8058026875a9b2a0c6fc0b6df62c1fefe016345a_s390x", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:6b503da1639b35cab5ff76bd8058026875a9b2a0c6fc0b6df62c1fefe016345a_s390x", "product_id": "openshift-logging/fluentd-rhel8@sha256:6b503da1639b35cab5ff76bd8058026875a9b2a0c6fc0b6df62c1fefe016345a_s390x", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:6b503da1639b35cab5ff76bd8058026875a9b2a0c6fc0b6df62c1fefe016345a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-89" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:7eb9000152182b004c4dddf1d5bd90eab32f5d11eac80670710a660c35dfa105_s390x", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:7eb9000152182b004c4dddf1d5bd90eab32f5d11eac80670710a660c35dfa105_s390x", "product_id": "openshift-logging/kibana6-rhel8@sha256:7eb9000152182b004c4dddf1d5bd90eab32f5d11eac80670710a660c35dfa105_s390x", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:7eb9000152182b004c4dddf1d5bd90eab32f5d11eac80670710a660c35dfa105?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-336" } } }, { "category": "product_version", "name": "openshift-logging/logging-loki-rhel8@sha256:950aab49aafd6a97d5ed498ceee95f600462062f197a45d0020456133c7773c1_s390x", "product": { "name": "openshift-logging/logging-loki-rhel8@sha256:950aab49aafd6a97d5ed498ceee95f600462062f197a45d0020456133c7773c1_s390x", "product_id": "openshift-logging/logging-loki-rhel8@sha256:950aab49aafd6a97d5ed498ceee95f600462062f197a45d0020456133c7773c1_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-loki-rhel8@sha256:950aab49aafd6a97d5ed498ceee95f600462062f197a45d0020456133c7773c1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.6.1-29" } } }, { "category": "product_version", "name": "openshift-logging/vector-rhel8@sha256:56367c67b0be8e48f47ce1c30be92d1c9dd2bf123c7247a4852ce3a7e6c37795_s390x", "product": { "name": "openshift-logging/vector-rhel8@sha256:56367c67b0be8e48f47ce1c30be92d1c9dd2bf123c7247a4852ce3a7e6c37795_s390x", "product_id": "openshift-logging/vector-rhel8@sha256:56367c67b0be8e48f47ce1c30be92d1c9dd2bf123c7247a4852ce3a7e6c37795_s390x", "product_identification_helper": { "purl": "pkg:oci/vector-rhel8@sha256:56367c67b0be8e48f47ce1c30be92d1c9dd2bf123c7247a4852ce3a7e6c37795?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-58" } } }, { "category": "product_version", "name": "openshift-logging/logging-view-plugin-rhel8@sha256:628c5faced7d608e3727326cc9d47b6cb1081181c9881736705b346f20c6dce4_s390x", "product": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:628c5faced7d608e3727326cc9d47b6cb1081181c9881736705b346f20c6dce4_s390x", "product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:628c5faced7d608e3727326cc9d47b6cb1081181c9881736705b346f20c6dce4_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-view-plugin-rhel8@sha256:628c5faced7d608e3727326cc9d47b6cb1081181c9881736705b346f20c6dce4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.5.8-3" } } }, { "category": "product_version", "name": "openshift-logging/loki-rhel8-operator@sha256:7914c3a644a934a1d24a2ba2e9362b3b932a427ff02854a71b5075ee3b653cef_s390x", "product": { "name": "openshift-logging/loki-rhel8-operator@sha256:7914c3a644a934a1d24a2ba2e9362b3b932a427ff02854a71b5075ee3b653cef_s390x", "product_id": "openshift-logging/loki-rhel8-operator@sha256:7914c3a644a934a1d24a2ba2e9362b3b932a427ff02854a71b5075ee3b653cef_s390x", "product_identification_helper": { "purl": "pkg:oci/loki-rhel8-operator@sha256:7914c3a644a934a1d24a2ba2e9362b3b932a427ff02854a71b5075ee3b653cef?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.5.8-3" } } }, { "category": "product_version", "name": "openshift-logging/lokistack-gateway-rhel8@sha256:096033a45f20be6e319cc35e9ac567b47371de3242c8cbaf3c9b474da1ed9d0f_s390x", "product": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:096033a45f20be6e319cc35e9ac567b47371de3242c8cbaf3c9b474da1ed9d0f_s390x", "product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:096033a45f20be6e319cc35e9ac567b47371de3242c8cbaf3c9b474da1ed9d0f_s390x", "product_identification_helper": { "purl": "pkg:oci/lokistack-gateway-rhel8@sha256:096033a45f20be6e319cc35e9ac567b47371de3242c8cbaf3c9b474da1ed9d0f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-161" } } }, { "category": "product_version", "name": "openshift-logging/opa-openshift-rhel8@sha256:950220a88d151970a183d276589f846bc209d302e6de5fb7fe05cb9718597326_s390x", "product": { "name": "openshift-logging/opa-openshift-rhel8@sha256:950220a88d151970a183d276589f846bc209d302e6de5fb7fe05cb9718597326_s390x", "product_id": "openshift-logging/opa-openshift-rhel8@sha256:950220a88d151970a183d276589f846bc209d302e6de5fb7fe05cb9718597326_s390x", "product_identification_helper": { "purl": "pkg:oci/opa-openshift-rhel8@sha256:950220a88d151970a183d276589f846bc209d302e6de5fb7fe05cb9718597326?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-51" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:37b6ad91114effd11b2701ccb89955bc53e124f48f16c84ffa0762e650203074_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:37b6ad91114effd11b2701ccb89955bc53e124f48f16c84ffa0762e650203074_amd64" }, "product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:37b6ad91114effd11b2701ccb89955bc53e124f48f16c84ffa0762e650203074_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:04d9b4e5635da41abb5abc5cab94ba8adc9ef974f0f2a8d0bd75aae8c4faf077_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:04d9b4e5635da41abb5abc5cab94ba8adc9ef974f0f2a8d0bd75aae8c4faf077_amd64" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:04d9b4e5635da41abb5abc5cab94ba8adc9ef974f0f2a8d0bd75aae8c4faf077_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:308bf7bffef3c969bb8d2bf02d516bf50a90f56fc700ae97d41bf3083ddc4f53_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:308bf7bffef3c969bb8d2bf02d516bf50a90f56fc700ae97d41bf3083ddc4f53_ppc64le" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:308bf7bffef3c969bb8d2bf02d516bf50a90f56fc700ae97d41bf3083ddc4f53_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:7333f1d60445adac0776fa4362ac2c5212faafe26d15da1e5f9b8fd3908cdf74_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:7333f1d60445adac0776fa4362ac2c5212faafe26d15da1e5f9b8fd3908cdf74_s390x" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:7333f1d60445adac0776fa4362ac2c5212faafe26d15da1e5f9b8fd3908cdf74_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:fef2924d6f8df4c405b474cd3d438ce8252f259c3803aeca37b6f994ceba3f5f_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:fef2924d6f8df4c405b474cd3d438ce8252f259c3803aeca37b6f994ceba3f5f_arm64" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:fef2924d6f8df4c405b474cd3d438ce8252f259c3803aeca37b6f994ceba3f5f_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:f6af35418dc282c51902b462c03a6fe62d38d0ec83b9fd7c95cee754377b24af_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:f6af35418dc282c51902b462c03a6fe62d38d0ec83b9fd7c95cee754377b24af_amd64" }, "product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:f6af35418dc282c51902b462c03a6fe62d38d0ec83b9fd7c95cee754377b24af_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0599ae2e322dafeef0293ccb97feb4a0a7778575143a6dda3a06bdb490f179e3_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:0599ae2e322dafeef0293ccb97feb4a0a7778575143a6dda3a06bdb490f179e3_arm64" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0599ae2e322dafeef0293ccb97feb4a0a7778575143a6dda3a06bdb490f179e3_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a06d622a0e554353edbe29e46075f6ff383cb5bb008cd21521a0f3b4834a264a_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a06d622a0e554353edbe29e46075f6ff383cb5bb008cd21521a0f3b4834a264a_amd64" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a06d622a0e554353edbe29e46075f6ff383cb5bb008cd21521a0f3b4834a264a_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:d7575d0b9379fe3c69b0b8ea76bfd497dc2767acdd6f7c35550be08cc474fb29_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:d7575d0b9379fe3c69b0b8ea76bfd497dc2767acdd6f7c35550be08cc474fb29_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:d7575d0b9379fe3c69b0b8ea76bfd497dc2767acdd6f7c35550be08cc474fb29_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fd1a319ecd675325f297dcb670f83ae809d82beddc10f99649b7fed05b32b3eb_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fd1a319ecd675325f297dcb670f83ae809d82beddc10f99649b7fed05b32b3eb_s390x" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:fd1a319ecd675325f297dcb670f83ae809d82beddc10f99649b7fed05b32b3eb_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:05e660bed7bf8c3bb0c0cec2f377f1cd7da6a2619fd51d89b13afc839e6e34ad_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:05e660bed7bf8c3bb0c0cec2f377f1cd7da6a2619fd51d89b13afc839e6e34ad_arm64" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:05e660bed7bf8c3bb0c0cec2f377f1cd7da6a2619fd51d89b13afc839e6e34ad_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1f72b33596d3a4fa61843ecfa59b70f68042df7c7fb8f367ac7d1983d19877da_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:1f72b33596d3a4fa61843ecfa59b70f68042df7c7fb8f367ac7d1983d19877da_s390x" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:1f72b33596d3a4fa61843ecfa59b70f68042df7c7fb8f367ac7d1983d19877da_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:6c2fce66b366d763f3a9c5242eba1604e19be44be45547748aab969d50559dec_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:6c2fce66b366d763f3a9c5242eba1604e19be44be45547748aab969d50559dec_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:6c2fce66b366d763f3a9c5242eba1604e19be44be45547748aab969d50559dec_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:71273bfac1b8d72f81e863681f329b2c834ac3b9b7797cccbf6ffb23efad8b0f_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:71273bfac1b8d72f81e863681f329b2c834ac3b9b7797cccbf6ffb23efad8b0f_amd64" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:71273bfac1b8d72f81e863681f329b2c834ac3b9b7797cccbf6ffb23efad8b0f_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:08808e86c1c4a6f1e64800760b3ea3b93d90a3215de920fddcadb7a5b29fb82e_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:08808e86c1c4a6f1e64800760b3ea3b93d90a3215de920fddcadb7a5b29fb82e_s390x" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:08808e86c1c4a6f1e64800760b3ea3b93d90a3215de920fddcadb7a5b29fb82e_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:3776dde25b75ec53b1172d175dcf00a8856e2fb97a9971047202b5cc0efb51be_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:3776dde25b75ec53b1172d175dcf00a8856e2fb97a9971047202b5cc0efb51be_ppc64le" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:3776dde25b75ec53b1172d175dcf00a8856e2fb97a9971047202b5cc0efb51be_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:ac76f4d5a07431295a760ea4892f8c6704de1a4d9959ea79568abd33c6f16550_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:ac76f4d5a07431295a760ea4892f8c6704de1a4d9959ea79568abd33c6f16550_arm64" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:ac76f4d5a07431295a760ea4892f8c6704de1a4d9959ea79568abd33c6f16550_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:f4565e374f73d72f720e571742ba6598ab4499fa0cca17cf3fa3078d0b9a6f37_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:f4565e374f73d72f720e571742ba6598ab4499fa0cca17cf3fa3078d0b9a6f37_amd64" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:f4565e374f73d72f720e571742ba6598ab4499fa0cca17cf3fa3078d0b9a6f37_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:364a0aeb3fbe41cb4563abe282eea246815996cee862a472090e3e2a3fb2b877_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:364a0aeb3fbe41cb4563abe282eea246815996cee862a472090e3e2a3fb2b877_ppc64le" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:364a0aeb3fbe41cb4563abe282eea246815996cee862a472090e3e2a3fb2b877_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:378d1d80a68f0c18800706a1d35e7808e7215914e8ae19890e35d4387481c078_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:378d1d80a68f0c18800706a1d35e7808e7215914e8ae19890e35d4387481c078_s390x" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:378d1d80a68f0c18800706a1d35e7808e7215914e8ae19890e35d4387481c078_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:48b65412b9d438362cfa492eeca2130f87997e22630668ff2b1b1c5a831ebe6e_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:48b65412b9d438362cfa492eeca2130f87997e22630668ff2b1b1c5a831ebe6e_arm64" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:48b65412b9d438362cfa492eeca2130f87997e22630668ff2b1b1c5a831ebe6e_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:b12aaab8e5ef6ec47539183283161348f314d05f56de672d34a6df576da905c8_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:b12aaab8e5ef6ec47539183283161348f314d05f56de672d34a6df576da905c8_amd64" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:b12aaab8e5ef6ec47539183283161348f314d05f56de672d34a6df576da905c8_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:0181f1dc2089fd0bd3ab9f22ea399a1750c6e5657bacefc4226ac3ea59debd44_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:0181f1dc2089fd0bd3ab9f22ea399a1750c6e5657bacefc4226ac3ea59debd44_amd64" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:0181f1dc2089fd0bd3ab9f22ea399a1750c6e5657bacefc4226ac3ea59debd44_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:0e831cf4a68dcb115710ae1996043ea2ce22849e55bc214e0bafb616fe8ed497_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:0e831cf4a68dcb115710ae1996043ea2ce22849e55bc214e0bafb616fe8ed497_arm64" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:0e831cf4a68dcb115710ae1996043ea2ce22849e55bc214e0bafb616fe8ed497_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:6b503da1639b35cab5ff76bd8058026875a9b2a0c6fc0b6df62c1fefe016345a_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:6b503da1639b35cab5ff76bd8058026875a9b2a0c6fc0b6df62c1fefe016345a_s390x" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:6b503da1639b35cab5ff76bd8058026875a9b2a0c6fc0b6df62c1fefe016345a_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:c440a0e7ce359b7c7649c7522540689c831c48f51407594a6bf4b0776ff3d104_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:c440a0e7ce359b7c7649c7522540689c831c48f51407594a6bf4b0776ff3d104_ppc64le" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:c440a0e7ce359b7c7649c7522540689c831c48f51407594a6bf4b0776ff3d104_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:7857d67e9f47c9caba32bd73271fcbfafd00047ea97956f065a39ba8782d44a3_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:7857d67e9f47c9caba32bd73271fcbfafd00047ea97956f065a39ba8782d44a3_ppc64le" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:7857d67e9f47c9caba32bd73271fcbfafd00047ea97956f065a39ba8782d44a3_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:7eb9000152182b004c4dddf1d5bd90eab32f5d11eac80670710a660c35dfa105_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:7eb9000152182b004c4dddf1d5bd90eab32f5d11eac80670710a660c35dfa105_s390x" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:7eb9000152182b004c4dddf1d5bd90eab32f5d11eac80670710a660c35dfa105_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:a40fd7ced648e328d9e122ea1239816e26744a2289b560c636461a737f814199_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:a40fd7ced648e328d9e122ea1239816e26744a2289b560c636461a737f814199_arm64" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:a40fd7ced648e328d9e122ea1239816e26744a2289b560c636461a737f814199_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:eaa0831f379fbe5d0263113dad7b0d6c13b117d43126ac489d253338f881b6c8_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:eaa0831f379fbe5d0263113dad7b0d6c13b117d43126ac489d253338f881b6c8_amd64" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:eaa0831f379fbe5d0263113dad7b0d6c13b117d43126ac489d253338f881b6c8_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:3a0993b049b4556d2011abfdb05bd61cfe6855b4ca444ee992fe58e25b31581f_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:3a0993b049b4556d2011abfdb05bd61cfe6855b4ca444ee992fe58e25b31581f_arm64" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:3a0993b049b4556d2011abfdb05bd61cfe6855b4ca444ee992fe58e25b31581f_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce5bd75e7e188877599222ac77ab7093fec0409cebd2bc379744830861d82ebf_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce5bd75e7e188877599222ac77ab7093fec0409cebd2bc379744830861d82ebf_s390x" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ce5bd75e7e188877599222ac77ab7093fec0409cebd2bc379744830861d82ebf_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d46966247189f43bf33cc82b937a59cdfcf10504ff8050119385bf63e7d81e34_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d46966247189f43bf33cc82b937a59cdfcf10504ff8050119385bf63e7d81e34_amd64" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d46966247189f43bf33cc82b937a59cdfcf10504ff8050119385bf63e7d81e34_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:f94785be16f1a0ce3fc41a081dfd8925c51290ae9206a101bdb98a051209c69c_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:f94785be16f1a0ce3fc41a081dfd8925c51290ae9206a101bdb98a051209c69c_ppc64le" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:f94785be16f1a0ce3fc41a081dfd8925c51290ae9206a101bdb98a051209c69c_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:28a7b04ec5810ec7b7dcd3c233edb96ca324905e82ecabdadf551e616b7da05c_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:28a7b04ec5810ec7b7dcd3c233edb96ca324905e82ecabdadf551e616b7da05c_ppc64le" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:28a7b04ec5810ec7b7dcd3c233edb96ca324905e82ecabdadf551e616b7da05c_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:72e0218c73cd271d6aeb395a25f5ea7956daeae7c635fc04c7e6d27c2eb5e181_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:72e0218c73cd271d6aeb395a25f5ea7956daeae7c635fc04c7e6d27c2eb5e181_arm64" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:72e0218c73cd271d6aeb395a25f5ea7956daeae7c635fc04c7e6d27c2eb5e181_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:9169b406ff5e87edbe9243a568638bcc8d342ca685186bce6f6964cf5fa8785f_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:9169b406ff5e87edbe9243a568638bcc8d342ca685186bce6f6964cf5fa8785f_amd64" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:9169b406ff5e87edbe9243a568638bcc8d342ca685186bce6f6964cf5fa8785f_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:f6ec36b684176d59d688b3f2beb22caaaa7cf1781161d9f9c76c106ac56f9d46_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:f6ec36b684176d59d688b3f2beb22caaaa7cf1781161d9f9c76c106ac56f9d46_s390x" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:f6ec36b684176d59d688b3f2beb22caaaa7cf1781161d9f9c76c106ac56f9d46_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-loki-rhel8@sha256:287c2fdcf4be7c80d4ebf4bce0ac3ea1762ab35ca674f74db088c3f61ac232c1_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:287c2fdcf4be7c80d4ebf4bce0ac3ea1762ab35ca674f74db088c3f61ac232c1_amd64" }, "product_reference": "openshift-logging/logging-loki-rhel8@sha256:287c2fdcf4be7c80d4ebf4bce0ac3ea1762ab35ca674f74db088c3f61ac232c1_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-loki-rhel8@sha256:950aab49aafd6a97d5ed498ceee95f600462062f197a45d0020456133c7773c1_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:950aab49aafd6a97d5ed498ceee95f600462062f197a45d0020456133c7773c1_s390x" }, "product_reference": "openshift-logging/logging-loki-rhel8@sha256:950aab49aafd6a97d5ed498ceee95f600462062f197a45d0020456133c7773c1_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-loki-rhel8@sha256:951a8f3db7b38894f8276375bbb5bd5651652b4c550c27dea6140efe40026d2f_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:951a8f3db7b38894f8276375bbb5bd5651652b4c550c27dea6140efe40026d2f_ppc64le" }, "product_reference": "openshift-logging/logging-loki-rhel8@sha256:951a8f3db7b38894f8276375bbb5bd5651652b4c550c27dea6140efe40026d2f_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-loki-rhel8@sha256:c1bab2bb325a89d3e4fc339f95442a823d952596f80e9e756778d00982ff4e65_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:c1bab2bb325a89d3e4fc339f95442a823d952596f80e9e756778d00982ff4e65_arm64" }, "product_reference": "openshift-logging/logging-loki-rhel8@sha256:c1bab2bb325a89d3e4fc339f95442a823d952596f80e9e756778d00982ff4e65_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:4c19d67d3c3f58b6050971dbc1ca850d72bbc6fef857be4f69a6db8a9a19e3ef_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4c19d67d3c3f58b6050971dbc1ca850d72bbc6fef857be4f69a6db8a9a19e3ef_amd64" }, "product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:4c19d67d3c3f58b6050971dbc1ca850d72bbc6fef857be4f69a6db8a9a19e3ef_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:628c5faced7d608e3727326cc9d47b6cb1081181c9881736705b346f20c6dce4_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:628c5faced7d608e3727326cc9d47b6cb1081181c9881736705b346f20c6dce4_s390x" }, "product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:628c5faced7d608e3727326cc9d47b6cb1081181c9881736705b346f20c6dce4_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:c66c39c2e4df1c15daa82119fbfa3c16d67b0e730ca39db675b69c6a93fa6c5b_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:c66c39c2e4df1c15daa82119fbfa3c16d67b0e730ca39db675b69c6a93fa6c5b_ppc64le" }, "product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:c66c39c2e4df1c15daa82119fbfa3c16d67b0e730ca39db675b69c6a93fa6c5b_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:e6d7f327bdd8973037fdee50f91c12731ecb39c26dc20a164551e4396f56c218_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:e6d7f327bdd8973037fdee50f91c12731ecb39c26dc20a164551e4396f56c218_arm64" }, "product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:e6d7f327bdd8973037fdee50f91c12731ecb39c26dc20a164551e4396f56c218_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-operator-bundle@sha256:2791b01acab311ef2386228772751c7702e1139e6db26f76be190ab3e79a3d38_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:2791b01acab311ef2386228772751c7702e1139e6db26f76be190ab3e79a3d38_amd64" }, "product_reference": "openshift-logging/loki-operator-bundle@sha256:2791b01acab311ef2386228772751c7702e1139e6db26f76be190ab3e79a3d38_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-rhel8-operator@sha256:56d66398e41804fbebe5ba0ba78d9d32c5d0b22d4962e0cd9de7648adc78e7d5_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:56d66398e41804fbebe5ba0ba78d9d32c5d0b22d4962e0cd9de7648adc78e7d5_amd64" }, "product_reference": "openshift-logging/loki-rhel8-operator@sha256:56d66398e41804fbebe5ba0ba78d9d32c5d0b22d4962e0cd9de7648adc78e7d5_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-rhel8-operator@sha256:7914c3a644a934a1d24a2ba2e9362b3b932a427ff02854a71b5075ee3b653cef_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:7914c3a644a934a1d24a2ba2e9362b3b932a427ff02854a71b5075ee3b653cef_s390x" }, "product_reference": "openshift-logging/loki-rhel8-operator@sha256:7914c3a644a934a1d24a2ba2e9362b3b932a427ff02854a71b5075ee3b653cef_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-rhel8-operator@sha256:839dacd7f0ca3405440741d2c575ca4cfe6e4307e34f4669eca938edd176c25d_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:839dacd7f0ca3405440741d2c575ca4cfe6e4307e34f4669eca938edd176c25d_ppc64le" }, "product_reference": "openshift-logging/loki-rhel8-operator@sha256:839dacd7f0ca3405440741d2c575ca4cfe6e4307e34f4669eca938edd176c25d_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-rhel8-operator@sha256:c21acce895095222da9bd3bc1885b8baa70f77aed5cb88d902fd164f54975578_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:c21acce895095222da9bd3bc1885b8baa70f77aed5cb88d902fd164f54975578_arm64" }, "product_reference": "openshift-logging/loki-rhel8-operator@sha256:c21acce895095222da9bd3bc1885b8baa70f77aed5cb88d902fd164f54975578_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:01a25a9b81000a99b3c473d9f2a93c27a7a6f8919d062bc615f78f9f7deb1024_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:01a25a9b81000a99b3c473d9f2a93c27a7a6f8919d062bc615f78f9f7deb1024_arm64" }, "product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:01a25a9b81000a99b3c473d9f2a93c27a7a6f8919d062bc615f78f9f7deb1024_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:096033a45f20be6e319cc35e9ac567b47371de3242c8cbaf3c9b474da1ed9d0f_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:096033a45f20be6e319cc35e9ac567b47371de3242c8cbaf3c9b474da1ed9d0f_s390x" }, "product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:096033a45f20be6e319cc35e9ac567b47371de3242c8cbaf3c9b474da1ed9d0f_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:6b3400f180c5a5ef95b5f5a933b8bfb0ef570c554985d700e4e10bbf876dd192_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:6b3400f180c5a5ef95b5f5a933b8bfb0ef570c554985d700e4e10bbf876dd192_amd64" }, "product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:6b3400f180c5a5ef95b5f5a933b8bfb0ef570c554985d700e4e10bbf876dd192_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:6f01a9f6e2390138b673feadd1cebd2a88e0149436093389b6a177bc0bc20e71_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:6f01a9f6e2390138b673feadd1cebd2a88e0149436093389b6a177bc0bc20e71_ppc64le" }, "product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:6f01a9f6e2390138b673feadd1cebd2a88e0149436093389b6a177bc0bc20e71_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/opa-openshift-rhel8@sha256:2e02678af3c1fae869742bae38403aa676ccdbec6fce43720be3c33399bfe965_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:2e02678af3c1fae869742bae38403aa676ccdbec6fce43720be3c33399bfe965_amd64" }, "product_reference": "openshift-logging/opa-openshift-rhel8@sha256:2e02678af3c1fae869742bae38403aa676ccdbec6fce43720be3c33399bfe965_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/opa-openshift-rhel8@sha256:950220a88d151970a183d276589f846bc209d302e6de5fb7fe05cb9718597326_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:950220a88d151970a183d276589f846bc209d302e6de5fb7fe05cb9718597326_s390x" }, "product_reference": "openshift-logging/opa-openshift-rhel8@sha256:950220a88d151970a183d276589f846bc209d302e6de5fb7fe05cb9718597326_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/opa-openshift-rhel8@sha256:9ae4b704b6326b14892f560168b2d5ce29f615360aab537b939c2ef00ef0933c_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:9ae4b704b6326b14892f560168b2d5ce29f615360aab537b939c2ef00ef0933c_arm64" }, "product_reference": "openshift-logging/opa-openshift-rhel8@sha256:9ae4b704b6326b14892f560168b2d5ce29f615360aab537b939c2ef00ef0933c_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/opa-openshift-rhel8@sha256:e11def073dcc8448c4c0f8bbb2c8f8a6b309a4199990d2c98a6b4092d2cf8d80_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:e11def073dcc8448c4c0f8bbb2c8f8a6b309a4199990d2c98a6b4092d2cf8d80_ppc64le" }, "product_reference": "openshift-logging/opa-openshift-rhel8@sha256:e11def073dcc8448c4c0f8bbb2c8f8a6b309a4199990d2c98a6b4092d2cf8d80_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/vector-rhel8@sha256:21ee0003cd6ac6035cbb9d88cf9f524681080b1198c687c49055d6cbec6ce0a6_ppc64le as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:21ee0003cd6ac6035cbb9d88cf9f524681080b1198c687c49055d6cbec6ce0a6_ppc64le" }, "product_reference": "openshift-logging/vector-rhel8@sha256:21ee0003cd6ac6035cbb9d88cf9f524681080b1198c687c49055d6cbec6ce0a6_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/vector-rhel8@sha256:25d0bb74c765fe7a5255da943a39121daac2dd93240efa932ed52fce0860101b_amd64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:25d0bb74c765fe7a5255da943a39121daac2dd93240efa932ed52fce0860101b_amd64" }, "product_reference": "openshift-logging/vector-rhel8@sha256:25d0bb74c765fe7a5255da943a39121daac2dd93240efa932ed52fce0860101b_amd64", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/vector-rhel8@sha256:56367c67b0be8e48f47ce1c30be92d1c9dd2bf123c7247a4852ce3a7e6c37795_s390x as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:56367c67b0be8e48f47ce1c30be92d1c9dd2bf123c7247a4852ce3a7e6c37795_s390x" }, "product_reference": "openshift-logging/vector-rhel8@sha256:56367c67b0be8e48f47ce1c30be92d1c9dd2bf123c7247a4852ce3a7e6c37795_s390x", "relates_to_product_reference": "8Base-RHOL-5.5" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/vector-rhel8@sha256:f5bcf8df21f81154708c975272975fb5bc3f29764eccf6c39c79f1aede39fbe2_arm64 as a component of RHOL 5.5 for RHEL 8", "product_id": "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:f5bcf8df21f81154708c975272975fb5bc3f29764eccf6c39c79f1aede39fbe2_arm64" }, "product_reference": "openshift-logging/vector-rhel8@sha256:f5bcf8df21f81154708c975272975fb5bc3f29764eccf6c39c79f1aede39fbe2_arm64", "relates_to_product_reference": "8Base-RHOL-5.5" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:37b6ad91114effd11b2701ccb89955bc53e124f48f16c84ffa0762e650203074_amd64", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:04d9b4e5635da41abb5abc5cab94ba8adc9ef974f0f2a8d0bd75aae8c4faf077_amd64", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:308bf7bffef3c969bb8d2bf02d516bf50a90f56fc700ae97d41bf3083ddc4f53_ppc64le", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:7333f1d60445adac0776fa4362ac2c5212faafe26d15da1e5f9b8fd3908cdf74_s390x", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:fef2924d6f8df4c405b474cd3d438ce8252f259c3803aeca37b6f994ceba3f5f_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:f6af35418dc282c51902b462c03a6fe62d38d0ec83b9fd7c95cee754377b24af_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:0599ae2e322dafeef0293ccb97feb4a0a7778575143a6dda3a06bdb490f179e3_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a06d622a0e554353edbe29e46075f6ff383cb5bb008cd21521a0f3b4834a264a_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:d7575d0b9379fe3c69b0b8ea76bfd497dc2767acdd6f7c35550be08cc474fb29_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fd1a319ecd675325f297dcb670f83ae809d82beddc10f99649b7fed05b32b3eb_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:05e660bed7bf8c3bb0c0cec2f377f1cd7da6a2619fd51d89b13afc839e6e34ad_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:1f72b33596d3a4fa61843ecfa59b70f68042df7c7fb8f367ac7d1983d19877da_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:6c2fce66b366d763f3a9c5242eba1604e19be44be45547748aab969d50559dec_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:71273bfac1b8d72f81e863681f329b2c834ac3b9b7797cccbf6ffb23efad8b0f_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:08808e86c1c4a6f1e64800760b3ea3b93d90a3215de920fddcadb7a5b29fb82e_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:3776dde25b75ec53b1172d175dcf00a8856e2fb97a9971047202b5cc0efb51be_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:ac76f4d5a07431295a760ea4892f8c6704de1a4d9959ea79568abd33c6f16550_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:f4565e374f73d72f720e571742ba6598ab4499fa0cca17cf3fa3078d0b9a6f37_amd64", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:364a0aeb3fbe41cb4563abe282eea246815996cee862a472090e3e2a3fb2b877_ppc64le", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:378d1d80a68f0c18800706a1d35e7808e7215914e8ae19890e35d4387481c078_s390x", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:48b65412b9d438362cfa492eeca2130f87997e22630668ff2b1b1c5a831ebe6e_arm64", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:b12aaab8e5ef6ec47539183283161348f314d05f56de672d34a6df576da905c8_amd64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:0181f1dc2089fd0bd3ab9f22ea399a1750c6e5657bacefc4226ac3ea59debd44_amd64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:0e831cf4a68dcb115710ae1996043ea2ce22849e55bc214e0bafb616fe8ed497_arm64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:6b503da1639b35cab5ff76bd8058026875a9b2a0c6fc0b6df62c1fefe016345a_s390x", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:c440a0e7ce359b7c7649c7522540689c831c48f51407594a6bf4b0776ff3d104_ppc64le", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:7857d67e9f47c9caba32bd73271fcbfafd00047ea97956f065a39ba8782d44a3_ppc64le", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:7eb9000152182b004c4dddf1d5bd90eab32f5d11eac80670710a660c35dfa105_s390x", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:a40fd7ced648e328d9e122ea1239816e26744a2289b560c636461a737f814199_arm64", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:eaa0831f379fbe5d0263113dad7b0d6c13b117d43126ac489d253338f881b6c8_amd64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:3a0993b049b4556d2011abfdb05bd61cfe6855b4ca444ee992fe58e25b31581f_arm64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce5bd75e7e188877599222ac77ab7093fec0409cebd2bc379744830861d82ebf_s390x", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d46966247189f43bf33cc82b937a59cdfcf10504ff8050119385bf63e7d81e34_amd64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:f94785be16f1a0ce3fc41a081dfd8925c51290ae9206a101bdb98a051209c69c_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:28a7b04ec5810ec7b7dcd3c233edb96ca324905e82ecabdadf551e616b7da05c_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:72e0218c73cd271d6aeb395a25f5ea7956daeae7c635fc04c7e6d27c2eb5e181_arm64", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:9169b406ff5e87edbe9243a568638bcc8d342ca685186bce6f6964cf5fa8785f_amd64", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:f6ec36b684176d59d688b3f2beb22caaaa7cf1781161d9f9c76c106ac56f9d46_s390x", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:287c2fdcf4be7c80d4ebf4bce0ac3ea1762ab35ca674f74db088c3f61ac232c1_amd64", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:950aab49aafd6a97d5ed498ceee95f600462062f197a45d0020456133c7773c1_s390x", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:951a8f3db7b38894f8276375bbb5bd5651652b4c550c27dea6140efe40026d2f_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:c1bab2bb325a89d3e4fc339f95442a823d952596f80e9e756778d00982ff4e65_arm64", "8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:2791b01acab311ef2386228772751c7702e1139e6db26f76be190ab3e79a3d38_amd64", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:56d66398e41804fbebe5ba0ba78d9d32c5d0b22d4962e0cd9de7648adc78e7d5_amd64", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:7914c3a644a934a1d24a2ba2e9362b3b932a427ff02854a71b5075ee3b653cef_s390x", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:839dacd7f0ca3405440741d2c575ca4cfe6e4307e34f4669eca938edd176c25d_ppc64le", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:c21acce895095222da9bd3bc1885b8baa70f77aed5cb88d902fd164f54975578_arm64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:01a25a9b81000a99b3c473d9f2a93c27a7a6f8919d062bc615f78f9f7deb1024_arm64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:096033a45f20be6e319cc35e9ac567b47371de3242c8cbaf3c9b474da1ed9d0f_s390x", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:6b3400f180c5a5ef95b5f5a933b8bfb0ef570c554985d700e4e10bbf876dd192_amd64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:6f01a9f6e2390138b673feadd1cebd2a88e0149436093389b6a177bc0bc20e71_ppc64le", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:2e02678af3c1fae869742bae38403aa676ccdbec6fce43720be3c33399bfe965_amd64", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:950220a88d151970a183d276589f846bc209d302e6de5fb7fe05cb9718597326_s390x", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:9ae4b704b6326b14892f560168b2d5ce29f615360aab537b939c2ef00ef0933c_arm64", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:e11def073dcc8448c4c0f8bbb2c8f8a6b309a4199990d2c98a6b4092d2cf8d80_ppc64le", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:21ee0003cd6ac6035cbb9d88cf9f524681080b1198c687c49055d6cbec6ce0a6_ppc64le", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:25d0bb74c765fe7a5255da943a39121daac2dd93240efa932ed52fce0860101b_amd64", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:56367c67b0be8e48f47ce1c30be92d1c9dd2bf123c7247a4852ce3a7e6c37795_s390x", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:f5bcf8df21f81154708c975272975fb5bc3f29764eccf6c39c79f1aede39fbe2_arm64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4c19d67d3c3f58b6050971dbc1ca850d72bbc6fef857be4f69a6db8a9a19e3ef_amd64", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:628c5faced7d608e3727326cc9d47b6cb1081181c9881736705b346f20c6dce4_s390x", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:c66c39c2e4df1c15daa82119fbfa3c16d67b0e730ca39db675b69c6a93fa6c5b_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:e6d7f327bdd8973037fdee50f91c12731ecb39c26dc20a164551e4396f56c218_arm64" ], "known_not_affected": [ "8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:37b6ad91114effd11b2701ccb89955bc53e124f48f16c84ffa0762e650203074_amd64", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:04d9b4e5635da41abb5abc5cab94ba8adc9ef974f0f2a8d0bd75aae8c4faf077_amd64", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:308bf7bffef3c969bb8d2bf02d516bf50a90f56fc700ae97d41bf3083ddc4f53_ppc64le", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:7333f1d60445adac0776fa4362ac2c5212faafe26d15da1e5f9b8fd3908cdf74_s390x", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:fef2924d6f8df4c405b474cd3d438ce8252f259c3803aeca37b6f994ceba3f5f_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:f6af35418dc282c51902b462c03a6fe62d38d0ec83b9fd7c95cee754377b24af_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:0599ae2e322dafeef0293ccb97feb4a0a7778575143a6dda3a06bdb490f179e3_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a06d622a0e554353edbe29e46075f6ff383cb5bb008cd21521a0f3b4834a264a_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:d7575d0b9379fe3c69b0b8ea76bfd497dc2767acdd6f7c35550be08cc474fb29_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fd1a319ecd675325f297dcb670f83ae809d82beddc10f99649b7fed05b32b3eb_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:05e660bed7bf8c3bb0c0cec2f377f1cd7da6a2619fd51d89b13afc839e6e34ad_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:1f72b33596d3a4fa61843ecfa59b70f68042df7c7fb8f367ac7d1983d19877da_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:6c2fce66b366d763f3a9c5242eba1604e19be44be45547748aab969d50559dec_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:71273bfac1b8d72f81e863681f329b2c834ac3b9b7797cccbf6ffb23efad8b0f_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:08808e86c1c4a6f1e64800760b3ea3b93d90a3215de920fddcadb7a5b29fb82e_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:3776dde25b75ec53b1172d175dcf00a8856e2fb97a9971047202b5cc0efb51be_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:ac76f4d5a07431295a760ea4892f8c6704de1a4d9959ea79568abd33c6f16550_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:f4565e374f73d72f720e571742ba6598ab4499fa0cca17cf3fa3078d0b9a6f37_amd64", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:364a0aeb3fbe41cb4563abe282eea246815996cee862a472090e3e2a3fb2b877_ppc64le", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:378d1d80a68f0c18800706a1d35e7808e7215914e8ae19890e35d4387481c078_s390x", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:48b65412b9d438362cfa492eeca2130f87997e22630668ff2b1b1c5a831ebe6e_arm64", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:b12aaab8e5ef6ec47539183283161348f314d05f56de672d34a6df576da905c8_amd64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:0181f1dc2089fd0bd3ab9f22ea399a1750c6e5657bacefc4226ac3ea59debd44_amd64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:0e831cf4a68dcb115710ae1996043ea2ce22849e55bc214e0bafb616fe8ed497_arm64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:6b503da1639b35cab5ff76bd8058026875a9b2a0c6fc0b6df62c1fefe016345a_s390x", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:c440a0e7ce359b7c7649c7522540689c831c48f51407594a6bf4b0776ff3d104_ppc64le", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:7857d67e9f47c9caba32bd73271fcbfafd00047ea97956f065a39ba8782d44a3_ppc64le", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:7eb9000152182b004c4dddf1d5bd90eab32f5d11eac80670710a660c35dfa105_s390x", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:a40fd7ced648e328d9e122ea1239816e26744a2289b560c636461a737f814199_arm64", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:eaa0831f379fbe5d0263113dad7b0d6c13b117d43126ac489d253338f881b6c8_amd64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:3a0993b049b4556d2011abfdb05bd61cfe6855b4ca444ee992fe58e25b31581f_arm64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce5bd75e7e188877599222ac77ab7093fec0409cebd2bc379744830861d82ebf_s390x", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d46966247189f43bf33cc82b937a59cdfcf10504ff8050119385bf63e7d81e34_amd64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:f94785be16f1a0ce3fc41a081dfd8925c51290ae9206a101bdb98a051209c69c_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:28a7b04ec5810ec7b7dcd3c233edb96ca324905e82ecabdadf551e616b7da05c_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:72e0218c73cd271d6aeb395a25f5ea7956daeae7c635fc04c7e6d27c2eb5e181_arm64", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:9169b406ff5e87edbe9243a568638bcc8d342ca685186bce6f6964cf5fa8785f_amd64", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:f6ec36b684176d59d688b3f2beb22caaaa7cf1781161d9f9c76c106ac56f9d46_s390x", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:287c2fdcf4be7c80d4ebf4bce0ac3ea1762ab35ca674f74db088c3f61ac232c1_amd64", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:950aab49aafd6a97d5ed498ceee95f600462062f197a45d0020456133c7773c1_s390x", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:951a8f3db7b38894f8276375bbb5bd5651652b4c550c27dea6140efe40026d2f_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:c1bab2bb325a89d3e4fc339f95442a823d952596f80e9e756778d00982ff4e65_arm64", "8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:2791b01acab311ef2386228772751c7702e1139e6db26f76be190ab3e79a3d38_amd64", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:56d66398e41804fbebe5ba0ba78d9d32c5d0b22d4962e0cd9de7648adc78e7d5_amd64", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:7914c3a644a934a1d24a2ba2e9362b3b932a427ff02854a71b5075ee3b653cef_s390x", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:839dacd7f0ca3405440741d2c575ca4cfe6e4307e34f4669eca938edd176c25d_ppc64le", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:c21acce895095222da9bd3bc1885b8baa70f77aed5cb88d902fd164f54975578_arm64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:01a25a9b81000a99b3c473d9f2a93c27a7a6f8919d062bc615f78f9f7deb1024_arm64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:096033a45f20be6e319cc35e9ac567b47371de3242c8cbaf3c9b474da1ed9d0f_s390x", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:6b3400f180c5a5ef95b5f5a933b8bfb0ef570c554985d700e4e10bbf876dd192_amd64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:6f01a9f6e2390138b673feadd1cebd2a88e0149436093389b6a177bc0bc20e71_ppc64le", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:2e02678af3c1fae869742bae38403aa676ccdbec6fce43720be3c33399bfe965_amd64", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:950220a88d151970a183d276589f846bc209d302e6de5fb7fe05cb9718597326_s390x", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:9ae4b704b6326b14892f560168b2d5ce29f615360aab537b939c2ef00ef0933c_arm64", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:e11def073dcc8448c4c0f8bbb2c8f8a6b309a4199990d2c98a6b4092d2cf8d80_ppc64le", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:21ee0003cd6ac6035cbb9d88cf9f524681080b1198c687c49055d6cbec6ce0a6_ppc64le", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:25d0bb74c765fe7a5255da943a39121daac2dd93240efa932ed52fce0860101b_amd64", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:56367c67b0be8e48f47ce1c30be92d1c9dd2bf123c7247a4852ce3a7e6c37795_s390x", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:f5bcf8df21f81154708c975272975fb5bc3f29764eccf6c39c79f1aede39fbe2_arm64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-08T15:35:11+00:00", "details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nFor Red Hat OpenShift Logging 5.5, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4c19d67d3c3f58b6050971dbc1ca850d72bbc6fef857be4f69a6db8a9a19e3ef_amd64", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:628c5faced7d608e3727326cc9d47b6cb1081181c9881736705b346f20c6dce4_s390x", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:c66c39c2e4df1c15daa82119fbfa3c16d67b0e730ca39db675b69c6a93fa6c5b_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:e6d7f327bdd8973037fdee50f91c12731ecb39c26dc20a164551e4396f56c218_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0930" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:37b6ad91114effd11b2701ccb89955bc53e124f48f16c84ffa0762e650203074_amd64", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:04d9b4e5635da41abb5abc5cab94ba8adc9ef974f0f2a8d0bd75aae8c4faf077_amd64", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:308bf7bffef3c969bb8d2bf02d516bf50a90f56fc700ae97d41bf3083ddc4f53_ppc64le", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:7333f1d60445adac0776fa4362ac2c5212faafe26d15da1e5f9b8fd3908cdf74_s390x", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:fef2924d6f8df4c405b474cd3d438ce8252f259c3803aeca37b6f994ceba3f5f_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:f6af35418dc282c51902b462c03a6fe62d38d0ec83b9fd7c95cee754377b24af_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:0599ae2e322dafeef0293ccb97feb4a0a7778575143a6dda3a06bdb490f179e3_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a06d622a0e554353edbe29e46075f6ff383cb5bb008cd21521a0f3b4834a264a_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:d7575d0b9379fe3c69b0b8ea76bfd497dc2767acdd6f7c35550be08cc474fb29_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fd1a319ecd675325f297dcb670f83ae809d82beddc10f99649b7fed05b32b3eb_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:05e660bed7bf8c3bb0c0cec2f377f1cd7da6a2619fd51d89b13afc839e6e34ad_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:1f72b33596d3a4fa61843ecfa59b70f68042df7c7fb8f367ac7d1983d19877da_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:6c2fce66b366d763f3a9c5242eba1604e19be44be45547748aab969d50559dec_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:71273bfac1b8d72f81e863681f329b2c834ac3b9b7797cccbf6ffb23efad8b0f_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:08808e86c1c4a6f1e64800760b3ea3b93d90a3215de920fddcadb7a5b29fb82e_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:3776dde25b75ec53b1172d175dcf00a8856e2fb97a9971047202b5cc0efb51be_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:ac76f4d5a07431295a760ea4892f8c6704de1a4d9959ea79568abd33c6f16550_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:f4565e374f73d72f720e571742ba6598ab4499fa0cca17cf3fa3078d0b9a6f37_amd64", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:364a0aeb3fbe41cb4563abe282eea246815996cee862a472090e3e2a3fb2b877_ppc64le", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:378d1d80a68f0c18800706a1d35e7808e7215914e8ae19890e35d4387481c078_s390x", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:48b65412b9d438362cfa492eeca2130f87997e22630668ff2b1b1c5a831ebe6e_arm64", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:b12aaab8e5ef6ec47539183283161348f314d05f56de672d34a6df576da905c8_amd64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:0181f1dc2089fd0bd3ab9f22ea399a1750c6e5657bacefc4226ac3ea59debd44_amd64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:0e831cf4a68dcb115710ae1996043ea2ce22849e55bc214e0bafb616fe8ed497_arm64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:6b503da1639b35cab5ff76bd8058026875a9b2a0c6fc0b6df62c1fefe016345a_s390x", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:c440a0e7ce359b7c7649c7522540689c831c48f51407594a6bf4b0776ff3d104_ppc64le", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:7857d67e9f47c9caba32bd73271fcbfafd00047ea97956f065a39ba8782d44a3_ppc64le", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:7eb9000152182b004c4dddf1d5bd90eab32f5d11eac80670710a660c35dfa105_s390x", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:a40fd7ced648e328d9e122ea1239816e26744a2289b560c636461a737f814199_arm64", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:eaa0831f379fbe5d0263113dad7b0d6c13b117d43126ac489d253338f881b6c8_amd64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:3a0993b049b4556d2011abfdb05bd61cfe6855b4ca444ee992fe58e25b31581f_arm64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce5bd75e7e188877599222ac77ab7093fec0409cebd2bc379744830861d82ebf_s390x", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d46966247189f43bf33cc82b937a59cdfcf10504ff8050119385bf63e7d81e34_amd64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:f94785be16f1a0ce3fc41a081dfd8925c51290ae9206a101bdb98a051209c69c_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:28a7b04ec5810ec7b7dcd3c233edb96ca324905e82ecabdadf551e616b7da05c_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:72e0218c73cd271d6aeb395a25f5ea7956daeae7c635fc04c7e6d27c2eb5e181_arm64", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:9169b406ff5e87edbe9243a568638bcc8d342ca685186bce6f6964cf5fa8785f_amd64", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:f6ec36b684176d59d688b3f2beb22caaaa7cf1781161d9f9c76c106ac56f9d46_s390x", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:287c2fdcf4be7c80d4ebf4bce0ac3ea1762ab35ca674f74db088c3f61ac232c1_amd64", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:950aab49aafd6a97d5ed498ceee95f600462062f197a45d0020456133c7773c1_s390x", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:951a8f3db7b38894f8276375bbb5bd5651652b4c550c27dea6140efe40026d2f_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:c1bab2bb325a89d3e4fc339f95442a823d952596f80e9e756778d00982ff4e65_arm64", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4c19d67d3c3f58b6050971dbc1ca850d72bbc6fef857be4f69a6db8a9a19e3ef_amd64", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:628c5faced7d608e3727326cc9d47b6cb1081181c9881736705b346f20c6dce4_s390x", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:c66c39c2e4df1c15daa82119fbfa3c16d67b0e730ca39db675b69c6a93fa6c5b_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:e6d7f327bdd8973037fdee50f91c12731ecb39c26dc20a164551e4396f56c218_arm64", "8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:2791b01acab311ef2386228772751c7702e1139e6db26f76be190ab3e79a3d38_amd64", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:56d66398e41804fbebe5ba0ba78d9d32c5d0b22d4962e0cd9de7648adc78e7d5_amd64", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:7914c3a644a934a1d24a2ba2e9362b3b932a427ff02854a71b5075ee3b653cef_s390x", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:839dacd7f0ca3405440741d2c575ca4cfe6e4307e34f4669eca938edd176c25d_ppc64le", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:c21acce895095222da9bd3bc1885b8baa70f77aed5cb88d902fd164f54975578_arm64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:01a25a9b81000a99b3c473d9f2a93c27a7a6f8919d062bc615f78f9f7deb1024_arm64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:096033a45f20be6e319cc35e9ac567b47371de3242c8cbaf3c9b474da1ed9d0f_s390x", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:6b3400f180c5a5ef95b5f5a933b8bfb0ef570c554985d700e4e10bbf876dd192_amd64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:6f01a9f6e2390138b673feadd1cebd2a88e0149436093389b6a177bc0bc20e71_ppc64le", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:2e02678af3c1fae869742bae38403aa676ccdbec6fce43720be3c33399bfe965_amd64", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:950220a88d151970a183d276589f846bc209d302e6de5fb7fe05cb9718597326_s390x", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:9ae4b704b6326b14892f560168b2d5ce29f615360aab537b939c2ef00ef0933c_arm64", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:e11def073dcc8448c4c0f8bbb2c8f8a6b309a4199990d2c98a6b4092d2cf8d80_ppc64le", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:21ee0003cd6ac6035cbb9d88cf9f524681080b1198c687c49055d6cbec6ce0a6_ppc64le", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:25d0bb74c765fe7a5255da943a39121daac2dd93240efa932ed52fce0860101b_amd64", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:56367c67b0be8e48f47ce1c30be92d1c9dd2bf123c7247a4852ce3a7e6c37795_s390x", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:f5bcf8df21f81154708c975272975fb5bc3f29764eccf6c39c79f1aede39fbe2_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" }, { "cve": "CVE-2022-41717", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2023-01-16T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:37b6ad91114effd11b2701ccb89955bc53e124f48f16c84ffa0762e650203074_amd64", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:04d9b4e5635da41abb5abc5cab94ba8adc9ef974f0f2a8d0bd75aae8c4faf077_amd64", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:308bf7bffef3c969bb8d2bf02d516bf50a90f56fc700ae97d41bf3083ddc4f53_ppc64le", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:7333f1d60445adac0776fa4362ac2c5212faafe26d15da1e5f9b8fd3908cdf74_s390x", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:fef2924d6f8df4c405b474cd3d438ce8252f259c3803aeca37b6f994ceba3f5f_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:f6af35418dc282c51902b462c03a6fe62d38d0ec83b9fd7c95cee754377b24af_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:0599ae2e322dafeef0293ccb97feb4a0a7778575143a6dda3a06bdb490f179e3_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a06d622a0e554353edbe29e46075f6ff383cb5bb008cd21521a0f3b4834a264a_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:d7575d0b9379fe3c69b0b8ea76bfd497dc2767acdd6f7c35550be08cc474fb29_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fd1a319ecd675325f297dcb670f83ae809d82beddc10f99649b7fed05b32b3eb_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:08808e86c1c4a6f1e64800760b3ea3b93d90a3215de920fddcadb7a5b29fb82e_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:3776dde25b75ec53b1172d175dcf00a8856e2fb97a9971047202b5cc0efb51be_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:ac76f4d5a07431295a760ea4892f8c6704de1a4d9959ea79568abd33c6f16550_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:f4565e374f73d72f720e571742ba6598ab4499fa0cca17cf3fa3078d0b9a6f37_amd64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:0181f1dc2089fd0bd3ab9f22ea399a1750c6e5657bacefc4226ac3ea59debd44_amd64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:0e831cf4a68dcb115710ae1996043ea2ce22849e55bc214e0bafb616fe8ed497_arm64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:6b503da1639b35cab5ff76bd8058026875a9b2a0c6fc0b6df62c1fefe016345a_s390x", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:c440a0e7ce359b7c7649c7522540689c831c48f51407594a6bf4b0776ff3d104_ppc64le", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:7857d67e9f47c9caba32bd73271fcbfafd00047ea97956f065a39ba8782d44a3_ppc64le", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:7eb9000152182b004c4dddf1d5bd90eab32f5d11eac80670710a660c35dfa105_s390x", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:a40fd7ced648e328d9e122ea1239816e26744a2289b560c636461a737f814199_arm64", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:eaa0831f379fbe5d0263113dad7b0d6c13b117d43126ac489d253338f881b6c8_amd64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:3a0993b049b4556d2011abfdb05bd61cfe6855b4ca444ee992fe58e25b31581f_arm64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce5bd75e7e188877599222ac77ab7093fec0409cebd2bc379744830861d82ebf_s390x", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d46966247189f43bf33cc82b937a59cdfcf10504ff8050119385bf63e7d81e34_amd64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:f94785be16f1a0ce3fc41a081dfd8925c51290ae9206a101bdb98a051209c69c_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:28a7b04ec5810ec7b7dcd3c233edb96ca324905e82ecabdadf551e616b7da05c_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:72e0218c73cd271d6aeb395a25f5ea7956daeae7c635fc04c7e6d27c2eb5e181_arm64", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:9169b406ff5e87edbe9243a568638bcc8d342ca685186bce6f6964cf5fa8785f_amd64", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:f6ec36b684176d59d688b3f2beb22caaaa7cf1781161d9f9c76c106ac56f9d46_s390x", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4c19d67d3c3f58b6050971dbc1ca850d72bbc6fef857be4f69a6db8a9a19e3ef_amd64", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:628c5faced7d608e3727326cc9d47b6cb1081181c9881736705b346f20c6dce4_s390x", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:c66c39c2e4df1c15daa82119fbfa3c16d67b0e730ca39db675b69c6a93fa6c5b_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:e6d7f327bdd8973037fdee50f91c12731ecb39c26dc20a164551e4396f56c218_arm64", "8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:2791b01acab311ef2386228772751c7702e1139e6db26f76be190ab3e79a3d38_amd64", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:56d66398e41804fbebe5ba0ba78d9d32c5d0b22d4962e0cd9de7648adc78e7d5_amd64", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:7914c3a644a934a1d24a2ba2e9362b3b932a427ff02854a71b5075ee3b653cef_s390x", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:839dacd7f0ca3405440741d2c575ca4cfe6e4307e34f4669eca938edd176c25d_ppc64le", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:c21acce895095222da9bd3bc1885b8baa70f77aed5cb88d902fd164f54975578_arm64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:01a25a9b81000a99b3c473d9f2a93c27a7a6f8919d062bc615f78f9f7deb1024_arm64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:096033a45f20be6e319cc35e9ac567b47371de3242c8cbaf3c9b474da1ed9d0f_s390x", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:6b3400f180c5a5ef95b5f5a933b8bfb0ef570c554985d700e4e10bbf876dd192_amd64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:6f01a9f6e2390138b673feadd1cebd2a88e0149436093389b6a177bc0bc20e71_ppc64le", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:2e02678af3c1fae869742bae38403aa676ccdbec6fce43720be3c33399bfe965_amd64", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:950220a88d151970a183d276589f846bc209d302e6de5fb7fe05cb9718597326_s390x", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:9ae4b704b6326b14892f560168b2d5ce29f615360aab537b939c2ef00ef0933c_arm64", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:e11def073dcc8448c4c0f8bbb2c8f8a6b309a4199990d2c98a6b4092d2cf8d80_ppc64le", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:21ee0003cd6ac6035cbb9d88cf9f524681080b1198c687c49055d6cbec6ce0a6_ppc64le", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:25d0bb74c765fe7a5255da943a39121daac2dd93240efa932ed52fce0860101b_amd64", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:56367c67b0be8e48f47ce1c30be92d1c9dd2bf123c7247a4852ce3a7e6c37795_s390x", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:f5bcf8df21f81154708c975272975fb5bc3f29764eccf6c39c79f1aede39fbe2_arm64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2161274" } ], "notes": [ { "category": "description", "text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests", "title": "Vulnerability summary" }, { "category": "other", "text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:05e660bed7bf8c3bb0c0cec2f377f1cd7da6a2619fd51d89b13afc839e6e34ad_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:1f72b33596d3a4fa61843ecfa59b70f68042df7c7fb8f367ac7d1983d19877da_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:6c2fce66b366d763f3a9c5242eba1604e19be44be45547748aab969d50559dec_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:71273bfac1b8d72f81e863681f329b2c834ac3b9b7797cccbf6ffb23efad8b0f_amd64", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:364a0aeb3fbe41cb4563abe282eea246815996cee862a472090e3e2a3fb2b877_ppc64le", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:378d1d80a68f0c18800706a1d35e7808e7215914e8ae19890e35d4387481c078_s390x", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:48b65412b9d438362cfa492eeca2130f87997e22630668ff2b1b1c5a831ebe6e_arm64", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:b12aaab8e5ef6ec47539183283161348f314d05f56de672d34a6df576da905c8_amd64", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:287c2fdcf4be7c80d4ebf4bce0ac3ea1762ab35ca674f74db088c3f61ac232c1_amd64", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:950aab49aafd6a97d5ed498ceee95f600462062f197a45d0020456133c7773c1_s390x", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:951a8f3db7b38894f8276375bbb5bd5651652b4c550c27dea6140efe40026d2f_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:c1bab2bb325a89d3e4fc339f95442a823d952596f80e9e756778d00982ff4e65_arm64" ], "known_not_affected": [ "8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:37b6ad91114effd11b2701ccb89955bc53e124f48f16c84ffa0762e650203074_amd64", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:04d9b4e5635da41abb5abc5cab94ba8adc9ef974f0f2a8d0bd75aae8c4faf077_amd64", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:308bf7bffef3c969bb8d2bf02d516bf50a90f56fc700ae97d41bf3083ddc4f53_ppc64le", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:7333f1d60445adac0776fa4362ac2c5212faafe26d15da1e5f9b8fd3908cdf74_s390x", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:fef2924d6f8df4c405b474cd3d438ce8252f259c3803aeca37b6f994ceba3f5f_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:f6af35418dc282c51902b462c03a6fe62d38d0ec83b9fd7c95cee754377b24af_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:0599ae2e322dafeef0293ccb97feb4a0a7778575143a6dda3a06bdb490f179e3_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a06d622a0e554353edbe29e46075f6ff383cb5bb008cd21521a0f3b4834a264a_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:d7575d0b9379fe3c69b0b8ea76bfd497dc2767acdd6f7c35550be08cc474fb29_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fd1a319ecd675325f297dcb670f83ae809d82beddc10f99649b7fed05b32b3eb_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:08808e86c1c4a6f1e64800760b3ea3b93d90a3215de920fddcadb7a5b29fb82e_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:3776dde25b75ec53b1172d175dcf00a8856e2fb97a9971047202b5cc0efb51be_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:ac76f4d5a07431295a760ea4892f8c6704de1a4d9959ea79568abd33c6f16550_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:f4565e374f73d72f720e571742ba6598ab4499fa0cca17cf3fa3078d0b9a6f37_amd64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:0181f1dc2089fd0bd3ab9f22ea399a1750c6e5657bacefc4226ac3ea59debd44_amd64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:0e831cf4a68dcb115710ae1996043ea2ce22849e55bc214e0bafb616fe8ed497_arm64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:6b503da1639b35cab5ff76bd8058026875a9b2a0c6fc0b6df62c1fefe016345a_s390x", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:c440a0e7ce359b7c7649c7522540689c831c48f51407594a6bf4b0776ff3d104_ppc64le", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:7857d67e9f47c9caba32bd73271fcbfafd00047ea97956f065a39ba8782d44a3_ppc64le", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:7eb9000152182b004c4dddf1d5bd90eab32f5d11eac80670710a660c35dfa105_s390x", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:a40fd7ced648e328d9e122ea1239816e26744a2289b560c636461a737f814199_arm64", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:eaa0831f379fbe5d0263113dad7b0d6c13b117d43126ac489d253338f881b6c8_amd64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:3a0993b049b4556d2011abfdb05bd61cfe6855b4ca444ee992fe58e25b31581f_arm64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce5bd75e7e188877599222ac77ab7093fec0409cebd2bc379744830861d82ebf_s390x", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d46966247189f43bf33cc82b937a59cdfcf10504ff8050119385bf63e7d81e34_amd64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:f94785be16f1a0ce3fc41a081dfd8925c51290ae9206a101bdb98a051209c69c_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:28a7b04ec5810ec7b7dcd3c233edb96ca324905e82ecabdadf551e616b7da05c_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:72e0218c73cd271d6aeb395a25f5ea7956daeae7c635fc04c7e6d27c2eb5e181_arm64", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:9169b406ff5e87edbe9243a568638bcc8d342ca685186bce6f6964cf5fa8785f_amd64", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:f6ec36b684176d59d688b3f2beb22caaaa7cf1781161d9f9c76c106ac56f9d46_s390x", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4c19d67d3c3f58b6050971dbc1ca850d72bbc6fef857be4f69a6db8a9a19e3ef_amd64", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:628c5faced7d608e3727326cc9d47b6cb1081181c9881736705b346f20c6dce4_s390x", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:c66c39c2e4df1c15daa82119fbfa3c16d67b0e730ca39db675b69c6a93fa6c5b_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:e6d7f327bdd8973037fdee50f91c12731ecb39c26dc20a164551e4396f56c218_arm64", "8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:2791b01acab311ef2386228772751c7702e1139e6db26f76be190ab3e79a3d38_amd64", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:56d66398e41804fbebe5ba0ba78d9d32c5d0b22d4962e0cd9de7648adc78e7d5_amd64", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:7914c3a644a934a1d24a2ba2e9362b3b932a427ff02854a71b5075ee3b653cef_s390x", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:839dacd7f0ca3405440741d2c575ca4cfe6e4307e34f4669eca938edd176c25d_ppc64le", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:c21acce895095222da9bd3bc1885b8baa70f77aed5cb88d902fd164f54975578_arm64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:01a25a9b81000a99b3c473d9f2a93c27a7a6f8919d062bc615f78f9f7deb1024_arm64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:096033a45f20be6e319cc35e9ac567b47371de3242c8cbaf3c9b474da1ed9d0f_s390x", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:6b3400f180c5a5ef95b5f5a933b8bfb0ef570c554985d700e4e10bbf876dd192_amd64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:6f01a9f6e2390138b673feadd1cebd2a88e0149436093389b6a177bc0bc20e71_ppc64le", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:2e02678af3c1fae869742bae38403aa676ccdbec6fce43720be3c33399bfe965_amd64", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:950220a88d151970a183d276589f846bc209d302e6de5fb7fe05cb9718597326_s390x", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:9ae4b704b6326b14892f560168b2d5ce29f615360aab537b939c2ef00ef0933c_arm64", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:e11def073dcc8448c4c0f8bbb2c8f8a6b309a4199990d2c98a6b4092d2cf8d80_ppc64le", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:21ee0003cd6ac6035cbb9d88cf9f524681080b1198c687c49055d6cbec6ce0a6_ppc64le", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:25d0bb74c765fe7a5255da943a39121daac2dd93240efa932ed52fce0860101b_amd64", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:56367c67b0be8e48f47ce1c30be92d1c9dd2bf123c7247a4852ce3a7e6c37795_s390x", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:f5bcf8df21f81154708c975272975fb5bc3f29764eccf6c39c79f1aede39fbe2_arm64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41717" }, { "category": "external", "summary": "RHBZ#2161274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41717" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717" }, { "category": "external", "summary": "https://go.dev/cl/455635", "url": "https://go.dev/cl/455635" }, { "category": "external", "summary": "https://go.dev/cl/455717", "url": "https://go.dev/cl/455717" }, { "category": "external", "summary": "https://go.dev/issue/56350", "url": "https://go.dev/issue/56350" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2022-1144", "url": "https://pkg.go.dev/vuln/GO-2022-1144" } ], "release_date": "2022-11-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-08T15:35:11+00:00", "details": "For OpenShift Container Platform 4.11 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html\n\nFor Red Hat OpenShift Logging 5.5, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html", "product_ids": [ "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:05e660bed7bf8c3bb0c0cec2f377f1cd7da6a2619fd51d89b13afc839e6e34ad_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:1f72b33596d3a4fa61843ecfa59b70f68042df7c7fb8f367ac7d1983d19877da_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:6c2fce66b366d763f3a9c5242eba1604e19be44be45547748aab969d50559dec_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:71273bfac1b8d72f81e863681f329b2c834ac3b9b7797cccbf6ffb23efad8b0f_amd64", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:364a0aeb3fbe41cb4563abe282eea246815996cee862a472090e3e2a3fb2b877_ppc64le", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:378d1d80a68f0c18800706a1d35e7808e7215914e8ae19890e35d4387481c078_s390x", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:48b65412b9d438362cfa492eeca2130f87997e22630668ff2b1b1c5a831ebe6e_arm64", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:b12aaab8e5ef6ec47539183283161348f314d05f56de672d34a6df576da905c8_amd64", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:287c2fdcf4be7c80d4ebf4bce0ac3ea1762ab35ca674f74db088c3f61ac232c1_amd64", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:950aab49aafd6a97d5ed498ceee95f600462062f197a45d0020456133c7773c1_s390x", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:951a8f3db7b38894f8276375bbb5bd5651652b4c550c27dea6140efe40026d2f_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:c1bab2bb325a89d3e4fc339f95442a823d952596f80e9e756778d00982ff4e65_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0930" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHOL-5.5:openshift-logging/cluster-logging-operator-bundle@sha256:37b6ad91114effd11b2701ccb89955bc53e124f48f16c84ffa0762e650203074_amd64", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:04d9b4e5635da41abb5abc5cab94ba8adc9ef974f0f2a8d0bd75aae8c4faf077_amd64", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:308bf7bffef3c969bb8d2bf02d516bf50a90f56fc700ae97d41bf3083ddc4f53_ppc64le", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:7333f1d60445adac0776fa4362ac2c5212faafe26d15da1e5f9b8fd3908cdf74_s390x", "8Base-RHOL-5.5:openshift-logging/cluster-logging-rhel8-operator@sha256:fef2924d6f8df4c405b474cd3d438ce8252f259c3803aeca37b6f994ceba3f5f_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-operator-bundle@sha256:f6af35418dc282c51902b462c03a6fe62d38d0ec83b9fd7c95cee754377b24af_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:0599ae2e322dafeef0293ccb97feb4a0a7778575143a6dda3a06bdb490f179e3_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:a06d622a0e554353edbe29e46075f6ff383cb5bb008cd21521a0f3b4834a264a_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:d7575d0b9379fe3c69b0b8ea76bfd497dc2767acdd6f7c35550be08cc474fb29_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch-proxy-rhel8@sha256:fd1a319ecd675325f297dcb670f83ae809d82beddc10f99649b7fed05b32b3eb_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:05e660bed7bf8c3bb0c0cec2f377f1cd7da6a2619fd51d89b13afc839e6e34ad_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:1f72b33596d3a4fa61843ecfa59b70f68042df7c7fb8f367ac7d1983d19877da_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:6c2fce66b366d763f3a9c5242eba1604e19be44be45547748aab969d50559dec_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch-rhel8-operator@sha256:71273bfac1b8d72f81e863681f329b2c834ac3b9b7797cccbf6ffb23efad8b0f_amd64", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:08808e86c1c4a6f1e64800760b3ea3b93d90a3215de920fddcadb7a5b29fb82e_s390x", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:3776dde25b75ec53b1172d175dcf00a8856e2fb97a9971047202b5cc0efb51be_ppc64le", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:ac76f4d5a07431295a760ea4892f8c6704de1a4d9959ea79568abd33c6f16550_arm64", "8Base-RHOL-5.5:openshift-logging/elasticsearch6-rhel8@sha256:f4565e374f73d72f720e571742ba6598ab4499fa0cca17cf3fa3078d0b9a6f37_amd64", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:364a0aeb3fbe41cb4563abe282eea246815996cee862a472090e3e2a3fb2b877_ppc64le", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:378d1d80a68f0c18800706a1d35e7808e7215914e8ae19890e35d4387481c078_s390x", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:48b65412b9d438362cfa492eeca2130f87997e22630668ff2b1b1c5a831ebe6e_arm64", "8Base-RHOL-5.5:openshift-logging/eventrouter-rhel8@sha256:b12aaab8e5ef6ec47539183283161348f314d05f56de672d34a6df576da905c8_amd64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:0181f1dc2089fd0bd3ab9f22ea399a1750c6e5657bacefc4226ac3ea59debd44_amd64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:0e831cf4a68dcb115710ae1996043ea2ce22849e55bc214e0bafb616fe8ed497_arm64", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:6b503da1639b35cab5ff76bd8058026875a9b2a0c6fc0b6df62c1fefe016345a_s390x", "8Base-RHOL-5.5:openshift-logging/fluentd-rhel8@sha256:c440a0e7ce359b7c7649c7522540689c831c48f51407594a6bf4b0776ff3d104_ppc64le", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:7857d67e9f47c9caba32bd73271fcbfafd00047ea97956f065a39ba8782d44a3_ppc64le", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:7eb9000152182b004c4dddf1d5bd90eab32f5d11eac80670710a660c35dfa105_s390x", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:a40fd7ced648e328d9e122ea1239816e26744a2289b560c636461a737f814199_arm64", "8Base-RHOL-5.5:openshift-logging/kibana6-rhel8@sha256:eaa0831f379fbe5d0263113dad7b0d6c13b117d43126ac489d253338f881b6c8_amd64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:3a0993b049b4556d2011abfdb05bd61cfe6855b4ca444ee992fe58e25b31581f_arm64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:ce5bd75e7e188877599222ac77ab7093fec0409cebd2bc379744830861d82ebf_s390x", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:d46966247189f43bf33cc82b937a59cdfcf10504ff8050119385bf63e7d81e34_amd64", "8Base-RHOL-5.5:openshift-logging/log-file-metric-exporter-rhel8@sha256:f94785be16f1a0ce3fc41a081dfd8925c51290ae9206a101bdb98a051209c69c_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:28a7b04ec5810ec7b7dcd3c233edb96ca324905e82ecabdadf551e616b7da05c_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:72e0218c73cd271d6aeb395a25f5ea7956daeae7c635fc04c7e6d27c2eb5e181_arm64", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:9169b406ff5e87edbe9243a568638bcc8d342ca685186bce6f6964cf5fa8785f_amd64", "8Base-RHOL-5.5:openshift-logging/logging-curator5-rhel8@sha256:f6ec36b684176d59d688b3f2beb22caaaa7cf1781161d9f9c76c106ac56f9d46_s390x", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:287c2fdcf4be7c80d4ebf4bce0ac3ea1762ab35ca674f74db088c3f61ac232c1_amd64", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:950aab49aafd6a97d5ed498ceee95f600462062f197a45d0020456133c7773c1_s390x", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:951a8f3db7b38894f8276375bbb5bd5651652b4c550c27dea6140efe40026d2f_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-loki-rhel8@sha256:c1bab2bb325a89d3e4fc339f95442a823d952596f80e9e756778d00982ff4e65_arm64", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:4c19d67d3c3f58b6050971dbc1ca850d72bbc6fef857be4f69a6db8a9a19e3ef_amd64", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:628c5faced7d608e3727326cc9d47b6cb1081181c9881736705b346f20c6dce4_s390x", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:c66c39c2e4df1c15daa82119fbfa3c16d67b0e730ca39db675b69c6a93fa6c5b_ppc64le", "8Base-RHOL-5.5:openshift-logging/logging-view-plugin-rhel8@sha256:e6d7f327bdd8973037fdee50f91c12731ecb39c26dc20a164551e4396f56c218_arm64", "8Base-RHOL-5.5:openshift-logging/loki-operator-bundle@sha256:2791b01acab311ef2386228772751c7702e1139e6db26f76be190ab3e79a3d38_amd64", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:56d66398e41804fbebe5ba0ba78d9d32c5d0b22d4962e0cd9de7648adc78e7d5_amd64", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:7914c3a644a934a1d24a2ba2e9362b3b932a427ff02854a71b5075ee3b653cef_s390x", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:839dacd7f0ca3405440741d2c575ca4cfe6e4307e34f4669eca938edd176c25d_ppc64le", "8Base-RHOL-5.5:openshift-logging/loki-rhel8-operator@sha256:c21acce895095222da9bd3bc1885b8baa70f77aed5cb88d902fd164f54975578_arm64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:01a25a9b81000a99b3c473d9f2a93c27a7a6f8919d062bc615f78f9f7deb1024_arm64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:096033a45f20be6e319cc35e9ac567b47371de3242c8cbaf3c9b474da1ed9d0f_s390x", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:6b3400f180c5a5ef95b5f5a933b8bfb0ef570c554985d700e4e10bbf876dd192_amd64", "8Base-RHOL-5.5:openshift-logging/lokistack-gateway-rhel8@sha256:6f01a9f6e2390138b673feadd1cebd2a88e0149436093389b6a177bc0bc20e71_ppc64le", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:2e02678af3c1fae869742bae38403aa676ccdbec6fce43720be3c33399bfe965_amd64", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:950220a88d151970a183d276589f846bc209d302e6de5fb7fe05cb9718597326_s390x", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:9ae4b704b6326b14892f560168b2d5ce29f615360aab537b939c2ef00ef0933c_arm64", "8Base-RHOL-5.5:openshift-logging/opa-openshift-rhel8@sha256:e11def073dcc8448c4c0f8bbb2c8f8a6b309a4199990d2c98a6b4092d2cf8d80_ppc64le", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:21ee0003cd6ac6035cbb9d88cf9f524681080b1198c687c49055d6cbec6ce0a6_ppc64le", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:25d0bb74c765fe7a5255da943a39121daac2dd93240efa932ed52fce0860101b_amd64", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:56367c67b0be8e48f47ce1c30be92d1c9dd2bf123c7247a4852ce3a7e6c37795_s390x", "8Base-RHOL-5.5:openshift-logging/vector-rhel8@sha256:f5bcf8df21f81154708c975272975fb5bc3f29764eccf6c39c79f1aede39fbe2_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests" } ] }
rhsa-2023_0932
Vulnerability from csaf_redhat
Published
2023-03-08 14:06
Modified
2024-12-10 17:45
Summary
Red Hat Security Advisory: Logging Subsystem 5.6.3 - Red Hat OpenShift
Notes
Topic
Logging Subsystem 5.6.3 - Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Logging Subsystem 5.6.3 - Red Hat OpenShift
Security Fix(es):
* express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
* golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Logging Subsystem 5.6.3 - Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Logging Subsystem 5.6.3 - Red Hat OpenShift\n\nSecurity Fix(es):\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\n* golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0932", "url": "https://access.redhat.com/errata/RHSA-2023:0932" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "2161274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274" }, { "category": "external", "summary": "LOG-3717", "url": "https://issues.redhat.com/browse/LOG-3717" }, { "category": "external", "summary": "LOG-3729", "url": "https://issues.redhat.com/browse/LOG-3729" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0932.json" } ], "title": "Red Hat Security Advisory: Logging Subsystem 5.6.3 - Red Hat OpenShift", "tracking": { "current_release_date": "2024-12-10T17:45:50+00:00", "generator": { "date": "2024-12-10T17:45:50+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2023:0932", "initial_release_date": "2023-03-08T14:06:03+00:00", "revision_history": [ { "date": "2023-03-08T14:06:03+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-08T14:06:03+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-10T17:45:50+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHOL 5.6 for RHEL 8", "product": { "name": "RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:logging:5.6::el8" } } } ], "category": "product_family", "name": "logging for Red Hat OpenShift" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0e167d232bdccdf71846b69631314df97660da3e3581a9a50d78a85925b47883_s390x", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0e167d232bdccdf71846b69631314df97660da3e3581a9a50d78a85925b47883_s390x", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:0e167d232bdccdf71846b69631314df97660da3e3581a9a50d78a85925b47883_s390x", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:0e167d232bdccdf71846b69631314df97660da3e3581a9a50d78a85925b47883?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.3-10" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f6395b5342fccec8414c71e49a7b8b3a0cdc6238abce4bcef97268f1fdf510ed_s390x", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f6395b5342fccec8414c71e49a7b8b3a0cdc6238abce4bcef97268f1fdf510ed_s390x", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:f6395b5342fccec8414c71e49a7b8b3a0cdc6238abce4bcef97268f1fdf510ed_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:f6395b5342fccec8414c71e49a7b8b3a0cdc6238abce4bcef97268f1fdf510ed?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.3-7" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0ef99a61c41e5ba3f013ee8c3cbe3c9455f9089140f0685af4e551fc411dc1d4_s390x", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0ef99a61c41e5ba3f013ee8c3cbe3c9455f9089140f0685af4e551fc411dc1d4_s390x", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0ef99a61c41e5ba3f013ee8c3cbe3c9455f9089140f0685af4e551fc411dc1d4_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:0ef99a61c41e5ba3f013ee8c3cbe3c9455f9089140f0685af4e551fc411dc1d4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-342" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ee32b20430cd06c9bcd9349e3f1e8282e9e9a616fb398604b3717f73e6aaab91_s390x", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ee32b20430cd06c9bcd9349e3f1e8282e9e9a616fb398604b3717f73e6aaab91_s390x", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ee32b20430cd06c9bcd9349e3f1e8282e9e9a616fb398604b3717f73e6aaab91_s390x", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:ee32b20430cd06c9bcd9349e3f1e8282e9e9a616fb398604b3717f73e6aaab91?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-103" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:d0ad7c6e936658598cef688422e3315e85c8627c49f8449ef48fe1b1602cfa29_s390x", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:d0ad7c6e936658598cef688422e3315e85c8627c49f8449ef48fe1b1602cfa29_s390x", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:d0ad7c6e936658598cef688422e3315e85c8627c49f8449ef48fe1b1602cfa29_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:d0ad7c6e936658598cef688422e3315e85c8627c49f8449ef48fe1b1602cfa29?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-310" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:f90bbb41cab58931aab34890b507d5fa2c2ae08b6320d4b35bd367f5dabd8f50_s390x", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:f90bbb41cab58931aab34890b507d5fa2c2ae08b6320d4b35bd367f5dabd8f50_s390x", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:f90bbb41cab58931aab34890b507d5fa2c2ae08b6320d4b35bd367f5dabd8f50_s390x", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:f90bbb41cab58931aab34890b507d5fa2c2ae08b6320d4b35bd367f5dabd8f50?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-302" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:50aae19f0750c0f35a905d81a758ff2c9dac6e410a3c6c0b76f9ef8ca112a64f_s390x", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:50aae19f0750c0f35a905d81a758ff2c9dac6e410a3c6c0b76f9ef8ca112a64f_s390x", "product_id": "openshift-logging/eventrouter-rhel8@sha256:50aae19f0750c0f35a905d81a758ff2c9dac6e410a3c6c0b76f9ef8ca112a64f_s390x", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:50aae19f0750c0f35a905d81a758ff2c9dac6e410a3c6c0b76f9ef8ca112a64f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-94" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:eb1994e66ed00564f8dfddcb7b6b3276ef4eaa798099c61b7eea6c803e329e35_s390x", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:eb1994e66ed00564f8dfddcb7b6b3276ef4eaa798099c61b7eea6c803e329e35_s390x", "product_id": "openshift-logging/fluentd-rhel8@sha256:eb1994e66ed00564f8dfddcb7b6b3276ef4eaa798099c61b7eea6c803e329e35_s390x", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:eb1994e66ed00564f8dfddcb7b6b3276ef4eaa798099c61b7eea6c803e329e35?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-90" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:600e20533b2bb2f67277a19c1fc3a0732da6f01afd01e1b552535669ff88c262_s390x", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:600e20533b2bb2f67277a19c1fc3a0732da6f01afd01e1b552535669ff88c262_s390x", "product_id": "openshift-logging/kibana6-rhel8@sha256:600e20533b2bb2f67277a19c1fc3a0732da6f01afd01e1b552535669ff88c262_s390x", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:600e20533b2bb2f67277a19c1fc3a0732da6f01afd01e1b552535669ff88c262?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-339" } } }, { "category": "product_version", "name": "openshift-logging/logging-loki-rhel8@sha256:63c6ea77362370dd1a60c8d654a96bcbf488f5681445a3fc3f9dbe95d2924a5c_s390x", "product": { "name": "openshift-logging/logging-loki-rhel8@sha256:63c6ea77362370dd1a60c8d654a96bcbf488f5681445a3fc3f9dbe95d2924a5c_s390x", "product_id": "openshift-logging/logging-loki-rhel8@sha256:63c6ea77362370dd1a60c8d654a96bcbf488f5681445a3fc3f9dbe95d2924a5c_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-loki-rhel8@sha256:63c6ea77362370dd1a60c8d654a96bcbf488f5681445a3fc3f9dbe95d2924a5c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.3-5" } } }, { "category": "product_version", "name": "openshift-logging/vector-rhel8@sha256:bb1285348400b3284ac6fa3e98664dfa7303ccc369afe7930c238be3880a87c6_s390x", "product": { "name": "openshift-logging/vector-rhel8@sha256:bb1285348400b3284ac6fa3e98664dfa7303ccc369afe7930c238be3880a87c6_s390x", "product_id": "openshift-logging/vector-rhel8@sha256:bb1285348400b3284ac6fa3e98664dfa7303ccc369afe7930c238be3880a87c6_s390x", "product_identification_helper": { "purl": "pkg:oci/vector-rhel8@sha256:bb1285348400b3284ac6fa3e98664dfa7303ccc369afe7930c238be3880a87c6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-57" } } }, { "category": "product_version", "name": "openshift-logging/logging-view-plugin-rhel8@sha256:4c4b0f10ea3d7eff3f2f6ee81963be829be283ba82e164c553d14f81905156cb_s390x", "product": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:4c4b0f10ea3d7eff3f2f6ee81963be829be283ba82e164c553d14f81905156cb_s390x", "product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:4c4b0f10ea3d7eff3f2f6ee81963be829be283ba82e164c553d14f81905156cb_s390x", "product_identification_helper": { "purl": "pkg:oci/logging-view-plugin-rhel8@sha256:4c4b0f10ea3d7eff3f2f6ee81963be829be283ba82e164c553d14f81905156cb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.3-5" } } }, { "category": "product_version", "name": "openshift-logging/loki-rhel8-operator@sha256:03f1cf4cb1eea8dd60eec55b92cefcd3fe9d2194eec1145d693daff66092dee5_s390x", "product": { "name": "openshift-logging/loki-rhel8-operator@sha256:03f1cf4cb1eea8dd60eec55b92cefcd3fe9d2194eec1145d693daff66092dee5_s390x", "product_id": "openshift-logging/loki-rhel8-operator@sha256:03f1cf4cb1eea8dd60eec55b92cefcd3fe9d2194eec1145d693daff66092dee5_s390x", "product_identification_helper": { "purl": "pkg:oci/loki-rhel8-operator@sha256:03f1cf4cb1eea8dd60eec55b92cefcd3fe9d2194eec1145d693daff66092dee5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.3-6" } } }, { "category": "product_version", "name": "openshift-logging/lokistack-gateway-rhel8@sha256:e089e8dd44785e6b54296f26c2ea3740841d0b024fc38283c372e3237734f07e_s390x", "product": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:e089e8dd44785e6b54296f26c2ea3740841d0b024fc38283c372e3237734f07e_s390x", "product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:e089e8dd44785e6b54296f26c2ea3740841d0b024fc38283c372e3237734f07e_s390x", "product_identification_helper": { "purl": "pkg:oci/lokistack-gateway-rhel8@sha256:e089e8dd44785e6b54296f26c2ea3740841d0b024fc38283c372e3237734f07e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-163" } } }, { "category": "product_version", "name": "openshift-logging/opa-openshift-rhel8@sha256:9d4b4276b923b60782d03d04d65bd290e5f92f201e6c4d9baad08e9eb32561e1_s390x", "product": { "name": "openshift-logging/opa-openshift-rhel8@sha256:9d4b4276b923b60782d03d04d65bd290e5f92f201e6c4d9baad08e9eb32561e1_s390x", "product_id": "openshift-logging/opa-openshift-rhel8@sha256:9d4b4276b923b60782d03d04d65bd290e5f92f201e6c4d9baad08e9eb32561e1_s390x", "product_identification_helper": { "purl": "pkg:oci/opa-openshift-rhel8@sha256:9d4b4276b923b60782d03d04d65bd290e5f92f201e6c4d9baad08e9eb32561e1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-49" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:25e99a1b6236720d27af67885dc9977c5a57ed7223ee26e00f97a6c77697fd38_arm64", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:25e99a1b6236720d27af67885dc9977c5a57ed7223ee26e00f97a6c77697fd38_arm64", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:25e99a1b6236720d27af67885dc9977c5a57ed7223ee26e00f97a6c77697fd38_arm64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:25e99a1b6236720d27af67885dc9977c5a57ed7223ee26e00f97a6c77697fd38?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.3-10" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1a4555f082a0d0cb9de7b2f6ceade4201917c68949b96cd34242f60ac6b0e452_arm64", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1a4555f082a0d0cb9de7b2f6ceade4201917c68949b96cd34242f60ac6b0e452_arm64", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:1a4555f082a0d0cb9de7b2f6ceade4201917c68949b96cd34242f60ac6b0e452_arm64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:1a4555f082a0d0cb9de7b2f6ceade4201917c68949b96cd34242f60ac6b0e452?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.3-7" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d6352ce2ac7178ca7730294f3dc6a2f6f6f85888e52c3621722c548dea09f9_arm64", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d6352ce2ac7178ca7730294f3dc6a2f6f6f85888e52c3621722c548dea09f9_arm64", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d6352ce2ac7178ca7730294f3dc6a2f6f6f85888e52c3621722c548dea09f9_arm64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:e6d6352ce2ac7178ca7730294f3dc6a2f6f6f85888e52c3621722c548dea09f9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-342" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:099dcd31bd02a8608bf9aa62343f4bcb728c02c4ba3628e705258b1c2fabe580_arm64", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:099dcd31bd02a8608bf9aa62343f4bcb728c02c4ba3628e705258b1c2fabe580_arm64", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:099dcd31bd02a8608bf9aa62343f4bcb728c02c4ba3628e705258b1c2fabe580_arm64", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:099dcd31bd02a8608bf9aa62343f4bcb728c02c4ba3628e705258b1c2fabe580?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-103" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:5746793b1fec9ffe6a077ba726018617e1b4e766f03b4ccef5dd3f505b3dda2f_arm64", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:5746793b1fec9ffe6a077ba726018617e1b4e766f03b4ccef5dd3f505b3dda2f_arm64", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:5746793b1fec9ffe6a077ba726018617e1b4e766f03b4ccef5dd3f505b3dda2f_arm64", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:5746793b1fec9ffe6a077ba726018617e1b4e766f03b4ccef5dd3f505b3dda2f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-310" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:c5f20bed7139363cc8c12fb3d38341027d3660ca1d8d1b3a74b6a2eb0d753ba9_arm64", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:c5f20bed7139363cc8c12fb3d38341027d3660ca1d8d1b3a74b6a2eb0d753ba9_arm64", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:c5f20bed7139363cc8c12fb3d38341027d3660ca1d8d1b3a74b6a2eb0d753ba9_arm64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:c5f20bed7139363cc8c12fb3d38341027d3660ca1d8d1b3a74b6a2eb0d753ba9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-302" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:f861fadfefcf3e81597a33e94285603ea45e1956eb558279cee9a128012d0f59_arm64", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:f861fadfefcf3e81597a33e94285603ea45e1956eb558279cee9a128012d0f59_arm64", "product_id": "openshift-logging/eventrouter-rhel8@sha256:f861fadfefcf3e81597a33e94285603ea45e1956eb558279cee9a128012d0f59_arm64", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:f861fadfefcf3e81597a33e94285603ea45e1956eb558279cee9a128012d0f59?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-94" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:933a3bf79972f2e5c8ba21aac1584778528dc6d090c1269fb9eb7f98bc3748e1_arm64", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:933a3bf79972f2e5c8ba21aac1584778528dc6d090c1269fb9eb7f98bc3748e1_arm64", "product_id": "openshift-logging/fluentd-rhel8@sha256:933a3bf79972f2e5c8ba21aac1584778528dc6d090c1269fb9eb7f98bc3748e1_arm64", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:933a3bf79972f2e5c8ba21aac1584778528dc6d090c1269fb9eb7f98bc3748e1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-90" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:7599a21ef8a5f6867cfc3f9a2a4126847b10060480469a6b91882b97905b0cad_arm64", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:7599a21ef8a5f6867cfc3f9a2a4126847b10060480469a6b91882b97905b0cad_arm64", "product_id": "openshift-logging/kibana6-rhel8@sha256:7599a21ef8a5f6867cfc3f9a2a4126847b10060480469a6b91882b97905b0cad_arm64", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:7599a21ef8a5f6867cfc3f9a2a4126847b10060480469a6b91882b97905b0cad?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-339" } } }, { "category": "product_version", "name": "openshift-logging/logging-loki-rhel8@sha256:fee87f3de6d9bb44b0436f1fe6c706f7bf1ab7685d1ab00333939a8432492b31_arm64", "product": { "name": "openshift-logging/logging-loki-rhel8@sha256:fee87f3de6d9bb44b0436f1fe6c706f7bf1ab7685d1ab00333939a8432492b31_arm64", "product_id": "openshift-logging/logging-loki-rhel8@sha256:fee87f3de6d9bb44b0436f1fe6c706f7bf1ab7685d1ab00333939a8432492b31_arm64", "product_identification_helper": { "purl": "pkg:oci/logging-loki-rhel8@sha256:fee87f3de6d9bb44b0436f1fe6c706f7bf1ab7685d1ab00333939a8432492b31?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.3-5" } } }, { "category": "product_version", "name": "openshift-logging/vector-rhel8@sha256:2289ca68a0a07e537defe02132f6c0efa98368f0fc6fa44fcb75793e788a4c62_arm64", "product": { "name": "openshift-logging/vector-rhel8@sha256:2289ca68a0a07e537defe02132f6c0efa98368f0fc6fa44fcb75793e788a4c62_arm64", "product_id": "openshift-logging/vector-rhel8@sha256:2289ca68a0a07e537defe02132f6c0efa98368f0fc6fa44fcb75793e788a4c62_arm64", "product_identification_helper": { "purl": "pkg:oci/vector-rhel8@sha256:2289ca68a0a07e537defe02132f6c0efa98368f0fc6fa44fcb75793e788a4c62?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-57" } } }, { "category": "product_version", "name": "openshift-logging/logging-view-plugin-rhel8@sha256:b6bc0ab4ab8f31f81d7c5340918e69cad182b0a5e0669ef45f74f8810b1209f4_arm64", "product": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:b6bc0ab4ab8f31f81d7c5340918e69cad182b0a5e0669ef45f74f8810b1209f4_arm64", "product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:b6bc0ab4ab8f31f81d7c5340918e69cad182b0a5e0669ef45f74f8810b1209f4_arm64", "product_identification_helper": { "purl": "pkg:oci/logging-view-plugin-rhel8@sha256:b6bc0ab4ab8f31f81d7c5340918e69cad182b0a5e0669ef45f74f8810b1209f4?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.3-5" } } }, { "category": "product_version", "name": "openshift-logging/loki-rhel8-operator@sha256:16ddb250e456115e193392a08d322247ff0c8907e36abceab95b06d45b14b932_arm64", "product": { "name": "openshift-logging/loki-rhel8-operator@sha256:16ddb250e456115e193392a08d322247ff0c8907e36abceab95b06d45b14b932_arm64", "product_id": "openshift-logging/loki-rhel8-operator@sha256:16ddb250e456115e193392a08d322247ff0c8907e36abceab95b06d45b14b932_arm64", "product_identification_helper": { "purl": "pkg:oci/loki-rhel8-operator@sha256:16ddb250e456115e193392a08d322247ff0c8907e36abceab95b06d45b14b932?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.3-6" } } }, { "category": "product_version", "name": "openshift-logging/lokistack-gateway-rhel8@sha256:967d139924314bd44373058ff26ceda4193223936f2528712d3144aeb4785704_arm64", "product": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:967d139924314bd44373058ff26ceda4193223936f2528712d3144aeb4785704_arm64", "product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:967d139924314bd44373058ff26ceda4193223936f2528712d3144aeb4785704_arm64", "product_identification_helper": { "purl": "pkg:oci/lokistack-gateway-rhel8@sha256:967d139924314bd44373058ff26ceda4193223936f2528712d3144aeb4785704?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-163" } } }, { "category": "product_version", "name": "openshift-logging/opa-openshift-rhel8@sha256:a7e6a512ed9cde3ffb8c6214e3c8b697b175d9fe5aaa90ef17fe02cc3144c1a8_arm64", "product": { "name": "openshift-logging/opa-openshift-rhel8@sha256:a7e6a512ed9cde3ffb8c6214e3c8b697b175d9fe5aaa90ef17fe02cc3144c1a8_arm64", "product_id": "openshift-logging/opa-openshift-rhel8@sha256:a7e6a512ed9cde3ffb8c6214e3c8b697b175d9fe5aaa90ef17fe02cc3144c1a8_arm64", "product_identification_helper": { "purl": "pkg:oci/opa-openshift-rhel8@sha256:a7e6a512ed9cde3ffb8c6214e3c8b697b175d9fe5aaa90ef17fe02cc3144c1a8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-49" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:d740ec313b251b04c2fda54b810617d0d61c586598a72a1fff2c39b5ff2b2a23_ppc64le", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:d740ec313b251b04c2fda54b810617d0d61c586598a72a1fff2c39b5ff2b2a23_ppc64le", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:d740ec313b251b04c2fda54b810617d0d61c586598a72a1fff2c39b5ff2b2a23_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:d740ec313b251b04c2fda54b810617d0d61c586598a72a1fff2c39b5ff2b2a23?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.3-10" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5f02319bf9745be1aacfee77cdefc47ff54e7567e89dba56c07b1e17e4447e8e_ppc64le", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5f02319bf9745be1aacfee77cdefc47ff54e7567e89dba56c07b1e17e4447e8e_ppc64le", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:5f02319bf9745be1aacfee77cdefc47ff54e7567e89dba56c07b1e17e4447e8e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:5f02319bf9745be1aacfee77cdefc47ff54e7567e89dba56c07b1e17e4447e8e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.3-7" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:00995f237bb8d4ec4fbb7643225a6ba191894f98a269daffba942e5aa1226f73_ppc64le", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:00995f237bb8d4ec4fbb7643225a6ba191894f98a269daffba942e5aa1226f73_ppc64le", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:00995f237bb8d4ec4fbb7643225a6ba191894f98a269daffba942e5aa1226f73_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:00995f237bb8d4ec4fbb7643225a6ba191894f98a269daffba942e5aa1226f73?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-342" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:90e25734d33a06ef98524c90109eec153ccc6b3ac8f7b7c34214280058bb4c76_ppc64le", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:90e25734d33a06ef98524c90109eec153ccc6b3ac8f7b7c34214280058bb4c76_ppc64le", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:90e25734d33a06ef98524c90109eec153ccc6b3ac8f7b7c34214280058bb4c76_ppc64le", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:90e25734d33a06ef98524c90109eec153ccc6b3ac8f7b7c34214280058bb4c76?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-103" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:64bea63dcaac7b40510055f4162b435a3f8088fa1a5fa47028cae7ee04cf4e37_ppc64le", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:64bea63dcaac7b40510055f4162b435a3f8088fa1a5fa47028cae7ee04cf4e37_ppc64le", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:64bea63dcaac7b40510055f4162b435a3f8088fa1a5fa47028cae7ee04cf4e37_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:64bea63dcaac7b40510055f4162b435a3f8088fa1a5fa47028cae7ee04cf4e37?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-310" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:c03b5d752fd169db97532eac64c10871b865fc351536f2b4c471165534c2bf59_ppc64le", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:c03b5d752fd169db97532eac64c10871b865fc351536f2b4c471165534c2bf59_ppc64le", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:c03b5d752fd169db97532eac64c10871b865fc351536f2b4c471165534c2bf59_ppc64le", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:c03b5d752fd169db97532eac64c10871b865fc351536f2b4c471165534c2bf59?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-302" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:2da4527aa8d97669d602c7cf94373e16ee0dc2851e2303de49a919c3a85e1f41_ppc64le", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:2da4527aa8d97669d602c7cf94373e16ee0dc2851e2303de49a919c3a85e1f41_ppc64le", "product_id": "openshift-logging/eventrouter-rhel8@sha256:2da4527aa8d97669d602c7cf94373e16ee0dc2851e2303de49a919c3a85e1f41_ppc64le", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:2da4527aa8d97669d602c7cf94373e16ee0dc2851e2303de49a919c3a85e1f41?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-94" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:f6b065eded5ec8c80c22a49ca37453dca681f74f8851490a178d813c77f27d62_ppc64le", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:f6b065eded5ec8c80c22a49ca37453dca681f74f8851490a178d813c77f27d62_ppc64le", "product_id": "openshift-logging/fluentd-rhel8@sha256:f6b065eded5ec8c80c22a49ca37453dca681f74f8851490a178d813c77f27d62_ppc64le", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:f6b065eded5ec8c80c22a49ca37453dca681f74f8851490a178d813c77f27d62?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-90" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:d038bb1cb036a12405fd72590ad862a639189117d5876a82c866839907e35f73_ppc64le", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:d038bb1cb036a12405fd72590ad862a639189117d5876a82c866839907e35f73_ppc64le", "product_id": "openshift-logging/kibana6-rhel8@sha256:d038bb1cb036a12405fd72590ad862a639189117d5876a82c866839907e35f73_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:d038bb1cb036a12405fd72590ad862a639189117d5876a82c866839907e35f73?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-339" } } }, { "category": "product_version", "name": "openshift-logging/logging-loki-rhel8@sha256:d6c72b1be0243d91713ad5066a74722172d408cd94256bd61f613c9f61cb9030_ppc64le", "product": { "name": "openshift-logging/logging-loki-rhel8@sha256:d6c72b1be0243d91713ad5066a74722172d408cd94256bd61f613c9f61cb9030_ppc64le", "product_id": "openshift-logging/logging-loki-rhel8@sha256:d6c72b1be0243d91713ad5066a74722172d408cd94256bd61f613c9f61cb9030_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-loki-rhel8@sha256:d6c72b1be0243d91713ad5066a74722172d408cd94256bd61f613c9f61cb9030?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.3-5" } } }, { "category": "product_version", "name": "openshift-logging/vector-rhel8@sha256:f3ac64bb95781e0c4bb712accd6ce0949c6dbf653f177571a42f85841bc28ffb_ppc64le", "product": { "name": "openshift-logging/vector-rhel8@sha256:f3ac64bb95781e0c4bb712accd6ce0949c6dbf653f177571a42f85841bc28ffb_ppc64le", "product_id": "openshift-logging/vector-rhel8@sha256:f3ac64bb95781e0c4bb712accd6ce0949c6dbf653f177571a42f85841bc28ffb_ppc64le", "product_identification_helper": { "purl": "pkg:oci/vector-rhel8@sha256:f3ac64bb95781e0c4bb712accd6ce0949c6dbf653f177571a42f85841bc28ffb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-57" } } }, { "category": "product_version", "name": "openshift-logging/logging-view-plugin-rhel8@sha256:0cd5fe2598a0ea587e07d006ee4e8367e146cbc5ac2409e62b51d0d2eabcd9e7_ppc64le", "product": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:0cd5fe2598a0ea587e07d006ee4e8367e146cbc5ac2409e62b51d0d2eabcd9e7_ppc64le", "product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:0cd5fe2598a0ea587e07d006ee4e8367e146cbc5ac2409e62b51d0d2eabcd9e7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/logging-view-plugin-rhel8@sha256:0cd5fe2598a0ea587e07d006ee4e8367e146cbc5ac2409e62b51d0d2eabcd9e7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.3-5" } } }, { "category": "product_version", "name": "openshift-logging/loki-rhel8-operator@sha256:098747d5fb20f9d871a62f04714a1a2d85561d9f09dd4e0c6733cf9062df80e1_ppc64le", "product": { "name": "openshift-logging/loki-rhel8-operator@sha256:098747d5fb20f9d871a62f04714a1a2d85561d9f09dd4e0c6733cf9062df80e1_ppc64le", "product_id": "openshift-logging/loki-rhel8-operator@sha256:098747d5fb20f9d871a62f04714a1a2d85561d9f09dd4e0c6733cf9062df80e1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/loki-rhel8-operator@sha256:098747d5fb20f9d871a62f04714a1a2d85561d9f09dd4e0c6733cf9062df80e1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.3-6" } } }, { "category": "product_version", "name": "openshift-logging/lokistack-gateway-rhel8@sha256:c20dd71f574381c20abd76ab30c43bf92af0560bedb51fd7c3a6585f047d30ff_ppc64le", "product": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:c20dd71f574381c20abd76ab30c43bf92af0560bedb51fd7c3a6585f047d30ff_ppc64le", "product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:c20dd71f574381c20abd76ab30c43bf92af0560bedb51fd7c3a6585f047d30ff_ppc64le", "product_identification_helper": { "purl": "pkg:oci/lokistack-gateway-rhel8@sha256:c20dd71f574381c20abd76ab30c43bf92af0560bedb51fd7c3a6585f047d30ff?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-163" } } }, { "category": "product_version", "name": "openshift-logging/opa-openshift-rhel8@sha256:077381bfe6d494aacedfe9ea21398ef4a6f0c3c9e77f7aac84070450bc361de7_ppc64le", "product": { "name": "openshift-logging/opa-openshift-rhel8@sha256:077381bfe6d494aacedfe9ea21398ef4a6f0c3c9e77f7aac84070450bc361de7_ppc64le", "product_id": "openshift-logging/opa-openshift-rhel8@sha256:077381bfe6d494aacedfe9ea21398ef4a6f0c3c9e77f7aac84070450bc361de7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/opa-openshift-rhel8@sha256:077381bfe6d494aacedfe9ea21398ef4a6f0c3c9e77f7aac84070450bc361de7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-49" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:911b3a6a531023ec51a42aad73cb56c5710344568226eada7b7332f51bca4167_amd64", "product": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:911b3a6a531023ec51a42aad73cb56c5710344568226eada7b7332f51bca4167_amd64", "product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:911b3a6a531023ec51a42aad73cb56c5710344568226eada7b7332f51bca4167_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:911b3a6a531023ec51a42aad73cb56c5710344568226eada7b7332f51bca4167?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.3-10" } } }, { "category": "product_version", "name": "openshift-logging/cluster-logging-operator-bundle@sha256:c45854097cbbc184830cc41e57518afd1d93b909c5a6bf62d17cd922460f05a2_amd64", "product": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:c45854097cbbc184830cc41e57518afd1d93b909c5a6bf62d17cd922460f05a2_amd64", "product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:c45854097cbbc184830cc41e57518afd1d93b909c5a6bf62d17cd922460f05a2_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-logging-operator-bundle@sha256:c45854097cbbc184830cc41e57518afd1d93b909c5a6bf62d17cd922460f05a2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.6.3-31" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5a654a50c82878518a0ff57cb63b0a7edb4c3019d25dd54bc99cc1c9b842722a_amd64", "product": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5a654a50c82878518a0ff57cb63b0a7edb4c3019d25dd54bc99cc1c9b842722a_amd64", "product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:5a654a50c82878518a0ff57cb63b0a7edb4c3019d25dd54bc99cc1c9b842722a_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:5a654a50c82878518a0ff57cb63b0a7edb4c3019d25dd54bc99cc1c9b842722a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.3-7" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-operator-bundle@sha256:071423618c82b05abb31a7697b1b0f53cf1f6174a4adcc673fd7e080a2353c2e_amd64", "product": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:071423618c82b05abb31a7697b1b0f53cf1f6174a4adcc673fd7e080a2353c2e_amd64", "product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:071423618c82b05abb31a7697b1b0f53cf1f6174a4adcc673fd7e080a2353c2e_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-operator-bundle@sha256:071423618c82b05abb31a7697b1b0f53cf1f6174a4adcc673fd7e080a2353c2e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.6.3-24" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a799a967668e9f45f31be3ee65f2ae6e61fe6dc0b583606f9c57b54c460bb1b6_amd64", "product": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a799a967668e9f45f31be3ee65f2ae6e61fe6dc0b583606f9c57b54c460bb1b6_amd64", "product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a799a967668e9f45f31be3ee65f2ae6e61fe6dc0b583606f9c57b54c460bb1b6_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:a799a967668e9f45f31be3ee65f2ae6e61fe6dc0b583606f9c57b54c460bb1b6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-342" } } }, { "category": "product_version", "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ced75e473f009c273c7ba9a38bc4a6d6b92eb5e9f561ea1de7abb81ffa207a91_amd64", "product": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ced75e473f009c273c7ba9a38bc4a6d6b92eb5e9f561ea1de7abb81ffa207a91_amd64", "product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ced75e473f009c273c7ba9a38bc4a6d6b92eb5e9f561ea1de7abb81ffa207a91_amd64", "product_identification_helper": { "purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:ced75e473f009c273c7ba9a38bc4a6d6b92eb5e9f561ea1de7abb81ffa207a91?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-103" } } }, { "category": "product_version", "name": "openshift-logging/logging-curator5-rhel8@sha256:92fb27a1aa2b1be0cc5549bc97242f7f05d090e8ba6308f49eb399b742eed3fc_amd64", "product": { "name": "openshift-logging/logging-curator5-rhel8@sha256:92fb27a1aa2b1be0cc5549bc97242f7f05d090e8ba6308f49eb399b742eed3fc_amd64", "product_id": "openshift-logging/logging-curator5-rhel8@sha256:92fb27a1aa2b1be0cc5549bc97242f7f05d090e8ba6308f49eb399b742eed3fc_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-curator5-rhel8@sha256:92fb27a1aa2b1be0cc5549bc97242f7f05d090e8ba6308f49eb399b742eed3fc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-310" } } }, { "category": "product_version", "name": "openshift-logging/elasticsearch6-rhel8@sha256:d9a3af8383fde0e7e08c8cd6a6679507d621900fc693bd5ed432234fb9184ef2_amd64", "product": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:d9a3af8383fde0e7e08c8cd6a6679507d621900fc693bd5ed432234fb9184ef2_amd64", "product_id": "openshift-logging/elasticsearch6-rhel8@sha256:d9a3af8383fde0e7e08c8cd6a6679507d621900fc693bd5ed432234fb9184ef2_amd64", "product_identification_helper": { "purl": "pkg:oci/elasticsearch6-rhel8@sha256:d9a3af8383fde0e7e08c8cd6a6679507d621900fc693bd5ed432234fb9184ef2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-302" } } }, { "category": "product_version", "name": "openshift-logging/eventrouter-rhel8@sha256:e59f049fac9cdbcdb695efc84d014fee9ed6d13c64ec2e8818fd619aa14dbe1d_amd64", "product": { "name": "openshift-logging/eventrouter-rhel8@sha256:e59f049fac9cdbcdb695efc84d014fee9ed6d13c64ec2e8818fd619aa14dbe1d_amd64", "product_id": "openshift-logging/eventrouter-rhel8@sha256:e59f049fac9cdbcdb695efc84d014fee9ed6d13c64ec2e8818fd619aa14dbe1d_amd64", "product_identification_helper": { "purl": "pkg:oci/eventrouter-rhel8@sha256:e59f049fac9cdbcdb695efc84d014fee9ed6d13c64ec2e8818fd619aa14dbe1d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-94" } } }, { "category": "product_version", "name": "openshift-logging/fluentd-rhel8@sha256:5c97c94c0904b478fe8b13a5d8127c053859046105a0baf4807700c2234998d9_amd64", "product": { "name": "openshift-logging/fluentd-rhel8@sha256:5c97c94c0904b478fe8b13a5d8127c053859046105a0baf4807700c2234998d9_amd64", "product_id": "openshift-logging/fluentd-rhel8@sha256:5c97c94c0904b478fe8b13a5d8127c053859046105a0baf4807700c2234998d9_amd64", "product_identification_helper": { "purl": "pkg:oci/fluentd-rhel8@sha256:5c97c94c0904b478fe8b13a5d8127c053859046105a0baf4807700c2234998d9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-90" } } }, { "category": "product_version", "name": "openshift-logging/kibana6-rhel8@sha256:344d9cd561f7c62c6de21d2bac7662827edd530239e5607fa1eb6d1f8ceefdea_amd64", "product": { "name": "openshift-logging/kibana6-rhel8@sha256:344d9cd561f7c62c6de21d2bac7662827edd530239e5607fa1eb6d1f8ceefdea_amd64", "product_id": "openshift-logging/kibana6-rhel8@sha256:344d9cd561f7c62c6de21d2bac7662827edd530239e5607fa1eb6d1f8ceefdea_amd64", "product_identification_helper": { "purl": "pkg:oci/kibana6-rhel8@sha256:344d9cd561f7c62c6de21d2bac7662827edd530239e5607fa1eb6d1f8ceefdea?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-339" } } }, { "category": "product_version", "name": "openshift-logging/logging-loki-rhel8@sha256:82c7bf1ee3dc2be95909defbf53292155980d420baf513595739a9391b6c4e19_amd64", "product": { "name": "openshift-logging/logging-loki-rhel8@sha256:82c7bf1ee3dc2be95909defbf53292155980d420baf513595739a9391b6c4e19_amd64", "product_id": "openshift-logging/logging-loki-rhel8@sha256:82c7bf1ee3dc2be95909defbf53292155980d420baf513595739a9391b6c4e19_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-loki-rhel8@sha256:82c7bf1ee3dc2be95909defbf53292155980d420baf513595739a9391b6c4e19?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.3-5" } } }, { "category": "product_version", "name": "openshift-logging/vector-rhel8@sha256:bb7dcd344560e3b4c4dad7cc64aa42a8d4388fc5b24cf48fca40543cecbd4dc0_amd64", "product": { "name": "openshift-logging/vector-rhel8@sha256:bb7dcd344560e3b4c4dad7cc64aa42a8d4388fc5b24cf48fca40543cecbd4dc0_amd64", "product_id": "openshift-logging/vector-rhel8@sha256:bb7dcd344560e3b4c4dad7cc64aa42a8d4388fc5b24cf48fca40543cecbd4dc0_amd64", "product_identification_helper": { "purl": "pkg:oci/vector-rhel8@sha256:bb7dcd344560e3b4c4dad7cc64aa42a8d4388fc5b24cf48fca40543cecbd4dc0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-57" } } }, { "category": "product_version", "name": "openshift-logging/logging-view-plugin-rhel8@sha256:592a51ddcf3546502cc21b82be6e3011c20c59ea3740431018b30907ee11e4ac_amd64", "product": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:592a51ddcf3546502cc21b82be6e3011c20c59ea3740431018b30907ee11e4ac_amd64", "product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:592a51ddcf3546502cc21b82be6e3011c20c59ea3740431018b30907ee11e4ac_amd64", "product_identification_helper": { "purl": "pkg:oci/logging-view-plugin-rhel8@sha256:592a51ddcf3546502cc21b82be6e3011c20c59ea3740431018b30907ee11e4ac?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.3-5" } } }, { "category": "product_version", "name": "openshift-logging/loki-operator-bundle@sha256:2e1df5346272bcfa8b8d0280df69fa648a0d16516d0b2addb3a12ec14906f4d0_amd64", "product": { "name": "openshift-logging/loki-operator-bundle@sha256:2e1df5346272bcfa8b8d0280df69fa648a0d16516d0b2addb3a12ec14906f4d0_amd64", "product_id": "openshift-logging/loki-operator-bundle@sha256:2e1df5346272bcfa8b8d0280df69fa648a0d16516d0b2addb3a12ec14906f4d0_amd64", "product_identification_helper": { "purl": "pkg:oci/loki-operator-bundle@sha256:2e1df5346272bcfa8b8d0280df69fa648a0d16516d0b2addb3a12ec14906f4d0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.6.3-28" } } }, { "category": "product_version", "name": "openshift-logging/loki-rhel8-operator@sha256:6fe90266c58241180f8548354586b2647146568579687935acc8dd240611872d_amd64", "product": { "name": "openshift-logging/loki-rhel8-operator@sha256:6fe90266c58241180f8548354586b2647146568579687935acc8dd240611872d_amd64", "product_id": "openshift-logging/loki-rhel8-operator@sha256:6fe90266c58241180f8548354586b2647146568579687935acc8dd240611872d_amd64", "product_identification_helper": { "purl": "pkg:oci/loki-rhel8-operator@sha256:6fe90266c58241180f8548354586b2647146568579687935acc8dd240611872d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.3-6" } } }, { "category": "product_version", "name": "openshift-logging/lokistack-gateway-rhel8@sha256:8118e813acde448251ee6a0e66d36e028f996f2e86f5ad6ba1a2699b04a94be0_amd64", "product": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:8118e813acde448251ee6a0e66d36e028f996f2e86f5ad6ba1a2699b04a94be0_amd64", "product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:8118e813acde448251ee6a0e66d36e028f996f2e86f5ad6ba1a2699b04a94be0_amd64", "product_identification_helper": { "purl": "pkg:oci/lokistack-gateway-rhel8@sha256:8118e813acde448251ee6a0e66d36e028f996f2e86f5ad6ba1a2699b04a94be0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-163" } } }, { "category": "product_version", "name": "openshift-logging/opa-openshift-rhel8@sha256:c01bcc09942867514495c777becea8a8eef83ec80eee838922406cb156977400_amd64", "product": { "name": "openshift-logging/opa-openshift-rhel8@sha256:c01bcc09942867514495c777becea8a8eef83ec80eee838922406cb156977400_amd64", "product_id": "openshift-logging/opa-openshift-rhel8@sha256:c01bcc09942867514495c777becea8a8eef83ec80eee838922406cb156977400_amd64", "product_identification_helper": { "purl": "pkg:oci/opa-openshift-rhel8@sha256:c01bcc09942867514495c777becea8a8eef83ec80eee838922406cb156977400?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-49" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-operator-bundle@sha256:c45854097cbbc184830cc41e57518afd1d93b909c5a6bf62d17cd922460f05a2_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:c45854097cbbc184830cc41e57518afd1d93b909c5a6bf62d17cd922460f05a2_amd64" }, "product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:c45854097cbbc184830cc41e57518afd1d93b909c5a6bf62d17cd922460f05a2_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0e167d232bdccdf71846b69631314df97660da3e3581a9a50d78a85925b47883_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:0e167d232bdccdf71846b69631314df97660da3e3581a9a50d78a85925b47883_s390x" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:0e167d232bdccdf71846b69631314df97660da3e3581a9a50d78a85925b47883_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:25e99a1b6236720d27af67885dc9977c5a57ed7223ee26e00f97a6c77697fd38_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:25e99a1b6236720d27af67885dc9977c5a57ed7223ee26e00f97a6c77697fd38_arm64" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:25e99a1b6236720d27af67885dc9977c5a57ed7223ee26e00f97a6c77697fd38_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:911b3a6a531023ec51a42aad73cb56c5710344568226eada7b7332f51bca4167_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:911b3a6a531023ec51a42aad73cb56c5710344568226eada7b7332f51bca4167_amd64" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:911b3a6a531023ec51a42aad73cb56c5710344568226eada7b7332f51bca4167_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/cluster-logging-rhel8-operator@sha256:d740ec313b251b04c2fda54b810617d0d61c586598a72a1fff2c39b5ff2b2a23_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:d740ec313b251b04c2fda54b810617d0d61c586598a72a1fff2c39b5ff2b2a23_ppc64le" }, "product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:d740ec313b251b04c2fda54b810617d0d61c586598a72a1fff2c39b5ff2b2a23_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-operator-bundle@sha256:071423618c82b05abb31a7697b1b0f53cf1f6174a4adcc673fd7e080a2353c2e_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:071423618c82b05abb31a7697b1b0f53cf1f6174a4adcc673fd7e080a2353c2e_amd64" }, "product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:071423618c82b05abb31a7697b1b0f53cf1f6174a4adcc673fd7e080a2353c2e_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:00995f237bb8d4ec4fbb7643225a6ba191894f98a269daffba942e5aa1226f73_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:00995f237bb8d4ec4fbb7643225a6ba191894f98a269daffba942e5aa1226f73_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:00995f237bb8d4ec4fbb7643225a6ba191894f98a269daffba942e5aa1226f73_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0ef99a61c41e5ba3f013ee8c3cbe3c9455f9089140f0685af4e551fc411dc1d4_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:0ef99a61c41e5ba3f013ee8c3cbe3c9455f9089140f0685af4e551fc411dc1d4_s390x" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0ef99a61c41e5ba3f013ee8c3cbe3c9455f9089140f0685af4e551fc411dc1d4_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a799a967668e9f45f31be3ee65f2ae6e61fe6dc0b583606f9c57b54c460bb1b6_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a799a967668e9f45f31be3ee65f2ae6e61fe6dc0b583606f9c57b54c460bb1b6_amd64" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a799a967668e9f45f31be3ee65f2ae6e61fe6dc0b583606f9c57b54c460bb1b6_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d6352ce2ac7178ca7730294f3dc6a2f6f6f85888e52c3621722c548dea09f9_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d6352ce2ac7178ca7730294f3dc6a2f6f6f85888e52c3621722c548dea09f9_arm64" }, "product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d6352ce2ac7178ca7730294f3dc6a2f6f6f85888e52c3621722c548dea09f9_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:1a4555f082a0d0cb9de7b2f6ceade4201917c68949b96cd34242f60ac6b0e452_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:1a4555f082a0d0cb9de7b2f6ceade4201917c68949b96cd34242f60ac6b0e452_arm64" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:1a4555f082a0d0cb9de7b2f6ceade4201917c68949b96cd34242f60ac6b0e452_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5a654a50c82878518a0ff57cb63b0a7edb4c3019d25dd54bc99cc1c9b842722a_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:5a654a50c82878518a0ff57cb63b0a7edb4c3019d25dd54bc99cc1c9b842722a_amd64" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:5a654a50c82878518a0ff57cb63b0a7edb4c3019d25dd54bc99cc1c9b842722a_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5f02319bf9745be1aacfee77cdefc47ff54e7567e89dba56c07b1e17e4447e8e_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:5f02319bf9745be1aacfee77cdefc47ff54e7567e89dba56c07b1e17e4447e8e_ppc64le" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:5f02319bf9745be1aacfee77cdefc47ff54e7567e89dba56c07b1e17e4447e8e_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f6395b5342fccec8414c71e49a7b8b3a0cdc6238abce4bcef97268f1fdf510ed_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f6395b5342fccec8414c71e49a7b8b3a0cdc6238abce4bcef97268f1fdf510ed_s390x" }, "product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:f6395b5342fccec8414c71e49a7b8b3a0cdc6238abce4bcef97268f1fdf510ed_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:c03b5d752fd169db97532eac64c10871b865fc351536f2b4c471165534c2bf59_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c03b5d752fd169db97532eac64c10871b865fc351536f2b4c471165534c2bf59_ppc64le" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:c03b5d752fd169db97532eac64c10871b865fc351536f2b4c471165534c2bf59_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:c5f20bed7139363cc8c12fb3d38341027d3660ca1d8d1b3a74b6a2eb0d753ba9_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c5f20bed7139363cc8c12fb3d38341027d3660ca1d8d1b3a74b6a2eb0d753ba9_arm64" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:c5f20bed7139363cc8c12fb3d38341027d3660ca1d8d1b3a74b6a2eb0d753ba9_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:d9a3af8383fde0e7e08c8cd6a6679507d621900fc693bd5ed432234fb9184ef2_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:d9a3af8383fde0e7e08c8cd6a6679507d621900fc693bd5ed432234fb9184ef2_amd64" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:d9a3af8383fde0e7e08c8cd6a6679507d621900fc693bd5ed432234fb9184ef2_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/elasticsearch6-rhel8@sha256:f90bbb41cab58931aab34890b507d5fa2c2ae08b6320d4b35bd367f5dabd8f50_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:f90bbb41cab58931aab34890b507d5fa2c2ae08b6320d4b35bd367f5dabd8f50_s390x" }, "product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:f90bbb41cab58931aab34890b507d5fa2c2ae08b6320d4b35bd367f5dabd8f50_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:2da4527aa8d97669d602c7cf94373e16ee0dc2851e2303de49a919c3a85e1f41_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:2da4527aa8d97669d602c7cf94373e16ee0dc2851e2303de49a919c3a85e1f41_ppc64le" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:2da4527aa8d97669d602c7cf94373e16ee0dc2851e2303de49a919c3a85e1f41_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:50aae19f0750c0f35a905d81a758ff2c9dac6e410a3c6c0b76f9ef8ca112a64f_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:50aae19f0750c0f35a905d81a758ff2c9dac6e410a3c6c0b76f9ef8ca112a64f_s390x" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:50aae19f0750c0f35a905d81a758ff2c9dac6e410a3c6c0b76f9ef8ca112a64f_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:e59f049fac9cdbcdb695efc84d014fee9ed6d13c64ec2e8818fd619aa14dbe1d_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:e59f049fac9cdbcdb695efc84d014fee9ed6d13c64ec2e8818fd619aa14dbe1d_amd64" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:e59f049fac9cdbcdb695efc84d014fee9ed6d13c64ec2e8818fd619aa14dbe1d_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/eventrouter-rhel8@sha256:f861fadfefcf3e81597a33e94285603ea45e1956eb558279cee9a128012d0f59_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:f861fadfefcf3e81597a33e94285603ea45e1956eb558279cee9a128012d0f59_arm64" }, "product_reference": "openshift-logging/eventrouter-rhel8@sha256:f861fadfefcf3e81597a33e94285603ea45e1956eb558279cee9a128012d0f59_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:5c97c94c0904b478fe8b13a5d8127c053859046105a0baf4807700c2234998d9_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c97c94c0904b478fe8b13a5d8127c053859046105a0baf4807700c2234998d9_amd64" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:5c97c94c0904b478fe8b13a5d8127c053859046105a0baf4807700c2234998d9_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:933a3bf79972f2e5c8ba21aac1584778528dc6d090c1269fb9eb7f98bc3748e1_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:933a3bf79972f2e5c8ba21aac1584778528dc6d090c1269fb9eb7f98bc3748e1_arm64" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:933a3bf79972f2e5c8ba21aac1584778528dc6d090c1269fb9eb7f98bc3748e1_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:eb1994e66ed00564f8dfddcb7b6b3276ef4eaa798099c61b7eea6c803e329e35_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:eb1994e66ed00564f8dfddcb7b6b3276ef4eaa798099c61b7eea6c803e329e35_s390x" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:eb1994e66ed00564f8dfddcb7b6b3276ef4eaa798099c61b7eea6c803e329e35_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/fluentd-rhel8@sha256:f6b065eded5ec8c80c22a49ca37453dca681f74f8851490a178d813c77f27d62_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f6b065eded5ec8c80c22a49ca37453dca681f74f8851490a178d813c77f27d62_ppc64le" }, "product_reference": "openshift-logging/fluentd-rhel8@sha256:f6b065eded5ec8c80c22a49ca37453dca681f74f8851490a178d813c77f27d62_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:344d9cd561f7c62c6de21d2bac7662827edd530239e5607fa1eb6d1f8ceefdea_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:344d9cd561f7c62c6de21d2bac7662827edd530239e5607fa1eb6d1f8ceefdea_amd64" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:344d9cd561f7c62c6de21d2bac7662827edd530239e5607fa1eb6d1f8ceefdea_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:600e20533b2bb2f67277a19c1fc3a0732da6f01afd01e1b552535669ff88c262_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:600e20533b2bb2f67277a19c1fc3a0732da6f01afd01e1b552535669ff88c262_s390x" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:600e20533b2bb2f67277a19c1fc3a0732da6f01afd01e1b552535669ff88c262_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:7599a21ef8a5f6867cfc3f9a2a4126847b10060480469a6b91882b97905b0cad_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:7599a21ef8a5f6867cfc3f9a2a4126847b10060480469a6b91882b97905b0cad_arm64" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:7599a21ef8a5f6867cfc3f9a2a4126847b10060480469a6b91882b97905b0cad_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/kibana6-rhel8@sha256:d038bb1cb036a12405fd72590ad862a639189117d5876a82c866839907e35f73_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:d038bb1cb036a12405fd72590ad862a639189117d5876a82c866839907e35f73_ppc64le" }, "product_reference": "openshift-logging/kibana6-rhel8@sha256:d038bb1cb036a12405fd72590ad862a639189117d5876a82c866839907e35f73_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:099dcd31bd02a8608bf9aa62343f4bcb728c02c4ba3628e705258b1c2fabe580_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:099dcd31bd02a8608bf9aa62343f4bcb728c02c4ba3628e705258b1c2fabe580_arm64" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:099dcd31bd02a8608bf9aa62343f4bcb728c02c4ba3628e705258b1c2fabe580_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:90e25734d33a06ef98524c90109eec153ccc6b3ac8f7b7c34214280058bb4c76_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:90e25734d33a06ef98524c90109eec153ccc6b3ac8f7b7c34214280058bb4c76_ppc64le" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:90e25734d33a06ef98524c90109eec153ccc6b3ac8f7b7c34214280058bb4c76_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ced75e473f009c273c7ba9a38bc4a6d6b92eb5e9f561ea1de7abb81ffa207a91_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:ced75e473f009c273c7ba9a38bc4a6d6b92eb5e9f561ea1de7abb81ffa207a91_amd64" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ced75e473f009c273c7ba9a38bc4a6d6b92eb5e9f561ea1de7abb81ffa207a91_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ee32b20430cd06c9bcd9349e3f1e8282e9e9a616fb398604b3717f73e6aaab91_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:ee32b20430cd06c9bcd9349e3f1e8282e9e9a616fb398604b3717f73e6aaab91_s390x" }, "product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ee32b20430cd06c9bcd9349e3f1e8282e9e9a616fb398604b3717f73e6aaab91_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:5746793b1fec9ffe6a077ba726018617e1b4e766f03b4ccef5dd3f505b3dda2f_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:5746793b1fec9ffe6a077ba726018617e1b4e766f03b4ccef5dd3f505b3dda2f_arm64" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:5746793b1fec9ffe6a077ba726018617e1b4e766f03b4ccef5dd3f505b3dda2f_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:64bea63dcaac7b40510055f4162b435a3f8088fa1a5fa47028cae7ee04cf4e37_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:64bea63dcaac7b40510055f4162b435a3f8088fa1a5fa47028cae7ee04cf4e37_ppc64le" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:64bea63dcaac7b40510055f4162b435a3f8088fa1a5fa47028cae7ee04cf4e37_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:92fb27a1aa2b1be0cc5549bc97242f7f05d090e8ba6308f49eb399b742eed3fc_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:92fb27a1aa2b1be0cc5549bc97242f7f05d090e8ba6308f49eb399b742eed3fc_amd64" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:92fb27a1aa2b1be0cc5549bc97242f7f05d090e8ba6308f49eb399b742eed3fc_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-curator5-rhel8@sha256:d0ad7c6e936658598cef688422e3315e85c8627c49f8449ef48fe1b1602cfa29_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:d0ad7c6e936658598cef688422e3315e85c8627c49f8449ef48fe1b1602cfa29_s390x" }, "product_reference": "openshift-logging/logging-curator5-rhel8@sha256:d0ad7c6e936658598cef688422e3315e85c8627c49f8449ef48fe1b1602cfa29_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-loki-rhel8@sha256:63c6ea77362370dd1a60c8d654a96bcbf488f5681445a3fc3f9dbe95d2924a5c_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:63c6ea77362370dd1a60c8d654a96bcbf488f5681445a3fc3f9dbe95d2924a5c_s390x" }, "product_reference": "openshift-logging/logging-loki-rhel8@sha256:63c6ea77362370dd1a60c8d654a96bcbf488f5681445a3fc3f9dbe95d2924a5c_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-loki-rhel8@sha256:82c7bf1ee3dc2be95909defbf53292155980d420baf513595739a9391b6c4e19_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:82c7bf1ee3dc2be95909defbf53292155980d420baf513595739a9391b6c4e19_amd64" }, "product_reference": "openshift-logging/logging-loki-rhel8@sha256:82c7bf1ee3dc2be95909defbf53292155980d420baf513595739a9391b6c4e19_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-loki-rhel8@sha256:d6c72b1be0243d91713ad5066a74722172d408cd94256bd61f613c9f61cb9030_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:d6c72b1be0243d91713ad5066a74722172d408cd94256bd61f613c9f61cb9030_ppc64le" }, "product_reference": "openshift-logging/logging-loki-rhel8@sha256:d6c72b1be0243d91713ad5066a74722172d408cd94256bd61f613c9f61cb9030_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-loki-rhel8@sha256:fee87f3de6d9bb44b0436f1fe6c706f7bf1ab7685d1ab00333939a8432492b31_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:fee87f3de6d9bb44b0436f1fe6c706f7bf1ab7685d1ab00333939a8432492b31_arm64" }, "product_reference": "openshift-logging/logging-loki-rhel8@sha256:fee87f3de6d9bb44b0436f1fe6c706f7bf1ab7685d1ab00333939a8432492b31_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:0cd5fe2598a0ea587e07d006ee4e8367e146cbc5ac2409e62b51d0d2eabcd9e7_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:0cd5fe2598a0ea587e07d006ee4e8367e146cbc5ac2409e62b51d0d2eabcd9e7_ppc64le" }, "product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:0cd5fe2598a0ea587e07d006ee4e8367e146cbc5ac2409e62b51d0d2eabcd9e7_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:4c4b0f10ea3d7eff3f2f6ee81963be829be283ba82e164c553d14f81905156cb_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4c4b0f10ea3d7eff3f2f6ee81963be829be283ba82e164c553d14f81905156cb_s390x" }, "product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:4c4b0f10ea3d7eff3f2f6ee81963be829be283ba82e164c553d14f81905156cb_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:592a51ddcf3546502cc21b82be6e3011c20c59ea3740431018b30907ee11e4ac_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:592a51ddcf3546502cc21b82be6e3011c20c59ea3740431018b30907ee11e4ac_amd64" }, "product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:592a51ddcf3546502cc21b82be6e3011c20c59ea3740431018b30907ee11e4ac_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/logging-view-plugin-rhel8@sha256:b6bc0ab4ab8f31f81d7c5340918e69cad182b0a5e0669ef45f74f8810b1209f4_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:b6bc0ab4ab8f31f81d7c5340918e69cad182b0a5e0669ef45f74f8810b1209f4_arm64" }, "product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:b6bc0ab4ab8f31f81d7c5340918e69cad182b0a5e0669ef45f74f8810b1209f4_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-operator-bundle@sha256:2e1df5346272bcfa8b8d0280df69fa648a0d16516d0b2addb3a12ec14906f4d0_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:2e1df5346272bcfa8b8d0280df69fa648a0d16516d0b2addb3a12ec14906f4d0_amd64" }, "product_reference": "openshift-logging/loki-operator-bundle@sha256:2e1df5346272bcfa8b8d0280df69fa648a0d16516d0b2addb3a12ec14906f4d0_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-rhel8-operator@sha256:03f1cf4cb1eea8dd60eec55b92cefcd3fe9d2194eec1145d693daff66092dee5_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:03f1cf4cb1eea8dd60eec55b92cefcd3fe9d2194eec1145d693daff66092dee5_s390x" }, "product_reference": "openshift-logging/loki-rhel8-operator@sha256:03f1cf4cb1eea8dd60eec55b92cefcd3fe9d2194eec1145d693daff66092dee5_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-rhel8-operator@sha256:098747d5fb20f9d871a62f04714a1a2d85561d9f09dd4e0c6733cf9062df80e1_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:098747d5fb20f9d871a62f04714a1a2d85561d9f09dd4e0c6733cf9062df80e1_ppc64le" }, "product_reference": "openshift-logging/loki-rhel8-operator@sha256:098747d5fb20f9d871a62f04714a1a2d85561d9f09dd4e0c6733cf9062df80e1_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-rhel8-operator@sha256:16ddb250e456115e193392a08d322247ff0c8907e36abceab95b06d45b14b932_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:16ddb250e456115e193392a08d322247ff0c8907e36abceab95b06d45b14b932_arm64" }, "product_reference": "openshift-logging/loki-rhel8-operator@sha256:16ddb250e456115e193392a08d322247ff0c8907e36abceab95b06d45b14b932_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/loki-rhel8-operator@sha256:6fe90266c58241180f8548354586b2647146568579687935acc8dd240611872d_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6fe90266c58241180f8548354586b2647146568579687935acc8dd240611872d_amd64" }, "product_reference": "openshift-logging/loki-rhel8-operator@sha256:6fe90266c58241180f8548354586b2647146568579687935acc8dd240611872d_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:8118e813acde448251ee6a0e66d36e028f996f2e86f5ad6ba1a2699b04a94be0_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:8118e813acde448251ee6a0e66d36e028f996f2e86f5ad6ba1a2699b04a94be0_amd64" }, "product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:8118e813acde448251ee6a0e66d36e028f996f2e86f5ad6ba1a2699b04a94be0_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:967d139924314bd44373058ff26ceda4193223936f2528712d3144aeb4785704_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:967d139924314bd44373058ff26ceda4193223936f2528712d3144aeb4785704_arm64" }, "product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:967d139924314bd44373058ff26ceda4193223936f2528712d3144aeb4785704_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:c20dd71f574381c20abd76ab30c43bf92af0560bedb51fd7c3a6585f047d30ff_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:c20dd71f574381c20abd76ab30c43bf92af0560bedb51fd7c3a6585f047d30ff_ppc64le" }, "product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:c20dd71f574381c20abd76ab30c43bf92af0560bedb51fd7c3a6585f047d30ff_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/lokistack-gateway-rhel8@sha256:e089e8dd44785e6b54296f26c2ea3740841d0b024fc38283c372e3237734f07e_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e089e8dd44785e6b54296f26c2ea3740841d0b024fc38283c372e3237734f07e_s390x" }, "product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:e089e8dd44785e6b54296f26c2ea3740841d0b024fc38283c372e3237734f07e_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/opa-openshift-rhel8@sha256:077381bfe6d494aacedfe9ea21398ef4a6f0c3c9e77f7aac84070450bc361de7_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:077381bfe6d494aacedfe9ea21398ef4a6f0c3c9e77f7aac84070450bc361de7_ppc64le" }, "product_reference": "openshift-logging/opa-openshift-rhel8@sha256:077381bfe6d494aacedfe9ea21398ef4a6f0c3c9e77f7aac84070450bc361de7_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/opa-openshift-rhel8@sha256:9d4b4276b923b60782d03d04d65bd290e5f92f201e6c4d9baad08e9eb32561e1_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:9d4b4276b923b60782d03d04d65bd290e5f92f201e6c4d9baad08e9eb32561e1_s390x" }, "product_reference": "openshift-logging/opa-openshift-rhel8@sha256:9d4b4276b923b60782d03d04d65bd290e5f92f201e6c4d9baad08e9eb32561e1_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/opa-openshift-rhel8@sha256:a7e6a512ed9cde3ffb8c6214e3c8b697b175d9fe5aaa90ef17fe02cc3144c1a8_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:a7e6a512ed9cde3ffb8c6214e3c8b697b175d9fe5aaa90ef17fe02cc3144c1a8_arm64" }, "product_reference": "openshift-logging/opa-openshift-rhel8@sha256:a7e6a512ed9cde3ffb8c6214e3c8b697b175d9fe5aaa90ef17fe02cc3144c1a8_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/opa-openshift-rhel8@sha256:c01bcc09942867514495c777becea8a8eef83ec80eee838922406cb156977400_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:c01bcc09942867514495c777becea8a8eef83ec80eee838922406cb156977400_amd64" }, "product_reference": "openshift-logging/opa-openshift-rhel8@sha256:c01bcc09942867514495c777becea8a8eef83ec80eee838922406cb156977400_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/vector-rhel8@sha256:2289ca68a0a07e537defe02132f6c0efa98368f0fc6fa44fcb75793e788a4c62_arm64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:2289ca68a0a07e537defe02132f6c0efa98368f0fc6fa44fcb75793e788a4c62_arm64" }, "product_reference": "openshift-logging/vector-rhel8@sha256:2289ca68a0a07e537defe02132f6c0efa98368f0fc6fa44fcb75793e788a4c62_arm64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/vector-rhel8@sha256:bb1285348400b3284ac6fa3e98664dfa7303ccc369afe7930c238be3880a87c6_s390x as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:bb1285348400b3284ac6fa3e98664dfa7303ccc369afe7930c238be3880a87c6_s390x" }, "product_reference": "openshift-logging/vector-rhel8@sha256:bb1285348400b3284ac6fa3e98664dfa7303ccc369afe7930c238be3880a87c6_s390x", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/vector-rhel8@sha256:bb7dcd344560e3b4c4dad7cc64aa42a8d4388fc5b24cf48fca40543cecbd4dc0_amd64 as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:bb7dcd344560e3b4c4dad7cc64aa42a8d4388fc5b24cf48fca40543cecbd4dc0_amd64" }, "product_reference": "openshift-logging/vector-rhel8@sha256:bb7dcd344560e3b4c4dad7cc64aa42a8d4388fc5b24cf48fca40543cecbd4dc0_amd64", "relates_to_product_reference": "8Base-RHOL-5.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-logging/vector-rhel8@sha256:f3ac64bb95781e0c4bb712accd6ce0949c6dbf653f177571a42f85841bc28ffb_ppc64le as a component of RHOL 5.6 for RHEL 8", "product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f3ac64bb95781e0c4bb712accd6ce0949c6dbf653f177571a42f85841bc28ffb_ppc64le" }, "product_reference": "openshift-logging/vector-rhel8@sha256:f3ac64bb95781e0c4bb712accd6ce0949c6dbf653f177571a42f85841bc28ffb_ppc64le", "relates_to_product_reference": "8Base-RHOL-5.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:c45854097cbbc184830cc41e57518afd1d93b909c5a6bf62d17cd922460f05a2_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:0e167d232bdccdf71846b69631314df97660da3e3581a9a50d78a85925b47883_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:25e99a1b6236720d27af67885dc9977c5a57ed7223ee26e00f97a6c77697fd38_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:911b3a6a531023ec51a42aad73cb56c5710344568226eada7b7332f51bca4167_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:d740ec313b251b04c2fda54b810617d0d61c586598a72a1fff2c39b5ff2b2a23_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:071423618c82b05abb31a7697b1b0f53cf1f6174a4adcc673fd7e080a2353c2e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:00995f237bb8d4ec4fbb7643225a6ba191894f98a269daffba942e5aa1226f73_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:0ef99a61c41e5ba3f013ee8c3cbe3c9455f9089140f0685af4e551fc411dc1d4_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a799a967668e9f45f31be3ee65f2ae6e61fe6dc0b583606f9c57b54c460bb1b6_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d6352ce2ac7178ca7730294f3dc6a2f6f6f85888e52c3621722c548dea09f9_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:1a4555f082a0d0cb9de7b2f6ceade4201917c68949b96cd34242f60ac6b0e452_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:5a654a50c82878518a0ff57cb63b0a7edb4c3019d25dd54bc99cc1c9b842722a_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:5f02319bf9745be1aacfee77cdefc47ff54e7567e89dba56c07b1e17e4447e8e_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f6395b5342fccec8414c71e49a7b8b3a0cdc6238abce4bcef97268f1fdf510ed_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c03b5d752fd169db97532eac64c10871b865fc351536f2b4c471165534c2bf59_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c5f20bed7139363cc8c12fb3d38341027d3660ca1d8d1b3a74b6a2eb0d753ba9_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:d9a3af8383fde0e7e08c8cd6a6679507d621900fc693bd5ed432234fb9184ef2_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:f90bbb41cab58931aab34890b507d5fa2c2ae08b6320d4b35bd367f5dabd8f50_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:2da4527aa8d97669d602c7cf94373e16ee0dc2851e2303de49a919c3a85e1f41_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:50aae19f0750c0f35a905d81a758ff2c9dac6e410a3c6c0b76f9ef8ca112a64f_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:e59f049fac9cdbcdb695efc84d014fee9ed6d13c64ec2e8818fd619aa14dbe1d_amd64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:f861fadfefcf3e81597a33e94285603ea45e1956eb558279cee9a128012d0f59_arm64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c97c94c0904b478fe8b13a5d8127c053859046105a0baf4807700c2234998d9_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:933a3bf79972f2e5c8ba21aac1584778528dc6d090c1269fb9eb7f98bc3748e1_arm64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:eb1994e66ed00564f8dfddcb7b6b3276ef4eaa798099c61b7eea6c803e329e35_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f6b065eded5ec8c80c22a49ca37453dca681f74f8851490a178d813c77f27d62_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:344d9cd561f7c62c6de21d2bac7662827edd530239e5607fa1eb6d1f8ceefdea_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:600e20533b2bb2f67277a19c1fc3a0732da6f01afd01e1b552535669ff88c262_s390x", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:7599a21ef8a5f6867cfc3f9a2a4126847b10060480469a6b91882b97905b0cad_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:d038bb1cb036a12405fd72590ad862a639189117d5876a82c866839907e35f73_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:099dcd31bd02a8608bf9aa62343f4bcb728c02c4ba3628e705258b1c2fabe580_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:90e25734d33a06ef98524c90109eec153ccc6b3ac8f7b7c34214280058bb4c76_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:ced75e473f009c273c7ba9a38bc4a6d6b92eb5e9f561ea1de7abb81ffa207a91_amd64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:ee32b20430cd06c9bcd9349e3f1e8282e9e9a616fb398604b3717f73e6aaab91_s390x", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:5746793b1fec9ffe6a077ba726018617e1b4e766f03b4ccef5dd3f505b3dda2f_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:64bea63dcaac7b40510055f4162b435a3f8088fa1a5fa47028cae7ee04cf4e37_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:92fb27a1aa2b1be0cc5549bc97242f7f05d090e8ba6308f49eb399b742eed3fc_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:d0ad7c6e936658598cef688422e3315e85c8627c49f8449ef48fe1b1602cfa29_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:63c6ea77362370dd1a60c8d654a96bcbf488f5681445a3fc3f9dbe95d2924a5c_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:82c7bf1ee3dc2be95909defbf53292155980d420baf513595739a9391b6c4e19_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:d6c72b1be0243d91713ad5066a74722172d408cd94256bd61f613c9f61cb9030_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:fee87f3de6d9bb44b0436f1fe6c706f7bf1ab7685d1ab00333939a8432492b31_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:2e1df5346272bcfa8b8d0280df69fa648a0d16516d0b2addb3a12ec14906f4d0_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:03f1cf4cb1eea8dd60eec55b92cefcd3fe9d2194eec1145d693daff66092dee5_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:098747d5fb20f9d871a62f04714a1a2d85561d9f09dd4e0c6733cf9062df80e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:16ddb250e456115e193392a08d322247ff0c8907e36abceab95b06d45b14b932_arm64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6fe90266c58241180f8548354586b2647146568579687935acc8dd240611872d_amd64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:8118e813acde448251ee6a0e66d36e028f996f2e86f5ad6ba1a2699b04a94be0_amd64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:967d139924314bd44373058ff26ceda4193223936f2528712d3144aeb4785704_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:c20dd71f574381c20abd76ab30c43bf92af0560bedb51fd7c3a6585f047d30ff_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e089e8dd44785e6b54296f26c2ea3740841d0b024fc38283c372e3237734f07e_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:077381bfe6d494aacedfe9ea21398ef4a6f0c3c9e77f7aac84070450bc361de7_ppc64le", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:9d4b4276b923b60782d03d04d65bd290e5f92f201e6c4d9baad08e9eb32561e1_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:a7e6a512ed9cde3ffb8c6214e3c8b697b175d9fe5aaa90ef17fe02cc3144c1a8_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:c01bcc09942867514495c777becea8a8eef83ec80eee838922406cb156977400_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:2289ca68a0a07e537defe02132f6c0efa98368f0fc6fa44fcb75793e788a4c62_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:bb1285348400b3284ac6fa3e98664dfa7303ccc369afe7930c238be3880a87c6_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:bb7dcd344560e3b4c4dad7cc64aa42a8d4388fc5b24cf48fca40543cecbd4dc0_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f3ac64bb95781e0c4bb712accd6ce0949c6dbf653f177571a42f85841bc28ffb_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:0cd5fe2598a0ea587e07d006ee4e8367e146cbc5ac2409e62b51d0d2eabcd9e7_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4c4b0f10ea3d7eff3f2f6ee81963be829be283ba82e164c553d14f81905156cb_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:592a51ddcf3546502cc21b82be6e3011c20c59ea3740431018b30907ee11e4ac_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:b6bc0ab4ab8f31f81d7c5340918e69cad182b0a5e0669ef45f74f8810b1209f4_arm64" ], "known_not_affected": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:c45854097cbbc184830cc41e57518afd1d93b909c5a6bf62d17cd922460f05a2_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:0e167d232bdccdf71846b69631314df97660da3e3581a9a50d78a85925b47883_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:25e99a1b6236720d27af67885dc9977c5a57ed7223ee26e00f97a6c77697fd38_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:911b3a6a531023ec51a42aad73cb56c5710344568226eada7b7332f51bca4167_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:d740ec313b251b04c2fda54b810617d0d61c586598a72a1fff2c39b5ff2b2a23_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:071423618c82b05abb31a7697b1b0f53cf1f6174a4adcc673fd7e080a2353c2e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:00995f237bb8d4ec4fbb7643225a6ba191894f98a269daffba942e5aa1226f73_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:0ef99a61c41e5ba3f013ee8c3cbe3c9455f9089140f0685af4e551fc411dc1d4_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a799a967668e9f45f31be3ee65f2ae6e61fe6dc0b583606f9c57b54c460bb1b6_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d6352ce2ac7178ca7730294f3dc6a2f6f6f85888e52c3621722c548dea09f9_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:1a4555f082a0d0cb9de7b2f6ceade4201917c68949b96cd34242f60ac6b0e452_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:5a654a50c82878518a0ff57cb63b0a7edb4c3019d25dd54bc99cc1c9b842722a_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:5f02319bf9745be1aacfee77cdefc47ff54e7567e89dba56c07b1e17e4447e8e_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f6395b5342fccec8414c71e49a7b8b3a0cdc6238abce4bcef97268f1fdf510ed_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c03b5d752fd169db97532eac64c10871b865fc351536f2b4c471165534c2bf59_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c5f20bed7139363cc8c12fb3d38341027d3660ca1d8d1b3a74b6a2eb0d753ba9_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:d9a3af8383fde0e7e08c8cd6a6679507d621900fc693bd5ed432234fb9184ef2_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:f90bbb41cab58931aab34890b507d5fa2c2ae08b6320d4b35bd367f5dabd8f50_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:2da4527aa8d97669d602c7cf94373e16ee0dc2851e2303de49a919c3a85e1f41_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:50aae19f0750c0f35a905d81a758ff2c9dac6e410a3c6c0b76f9ef8ca112a64f_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:e59f049fac9cdbcdb695efc84d014fee9ed6d13c64ec2e8818fd619aa14dbe1d_amd64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:f861fadfefcf3e81597a33e94285603ea45e1956eb558279cee9a128012d0f59_arm64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c97c94c0904b478fe8b13a5d8127c053859046105a0baf4807700c2234998d9_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:933a3bf79972f2e5c8ba21aac1584778528dc6d090c1269fb9eb7f98bc3748e1_arm64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:eb1994e66ed00564f8dfddcb7b6b3276ef4eaa798099c61b7eea6c803e329e35_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f6b065eded5ec8c80c22a49ca37453dca681f74f8851490a178d813c77f27d62_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:344d9cd561f7c62c6de21d2bac7662827edd530239e5607fa1eb6d1f8ceefdea_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:600e20533b2bb2f67277a19c1fc3a0732da6f01afd01e1b552535669ff88c262_s390x", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:7599a21ef8a5f6867cfc3f9a2a4126847b10060480469a6b91882b97905b0cad_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:d038bb1cb036a12405fd72590ad862a639189117d5876a82c866839907e35f73_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:099dcd31bd02a8608bf9aa62343f4bcb728c02c4ba3628e705258b1c2fabe580_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:90e25734d33a06ef98524c90109eec153ccc6b3ac8f7b7c34214280058bb4c76_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:ced75e473f009c273c7ba9a38bc4a6d6b92eb5e9f561ea1de7abb81ffa207a91_amd64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:ee32b20430cd06c9bcd9349e3f1e8282e9e9a616fb398604b3717f73e6aaab91_s390x", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:5746793b1fec9ffe6a077ba726018617e1b4e766f03b4ccef5dd3f505b3dda2f_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:64bea63dcaac7b40510055f4162b435a3f8088fa1a5fa47028cae7ee04cf4e37_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:92fb27a1aa2b1be0cc5549bc97242f7f05d090e8ba6308f49eb399b742eed3fc_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:d0ad7c6e936658598cef688422e3315e85c8627c49f8449ef48fe1b1602cfa29_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:63c6ea77362370dd1a60c8d654a96bcbf488f5681445a3fc3f9dbe95d2924a5c_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:82c7bf1ee3dc2be95909defbf53292155980d420baf513595739a9391b6c4e19_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:d6c72b1be0243d91713ad5066a74722172d408cd94256bd61f613c9f61cb9030_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:fee87f3de6d9bb44b0436f1fe6c706f7bf1ab7685d1ab00333939a8432492b31_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:2e1df5346272bcfa8b8d0280df69fa648a0d16516d0b2addb3a12ec14906f4d0_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:03f1cf4cb1eea8dd60eec55b92cefcd3fe9d2194eec1145d693daff66092dee5_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:098747d5fb20f9d871a62f04714a1a2d85561d9f09dd4e0c6733cf9062df80e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:16ddb250e456115e193392a08d322247ff0c8907e36abceab95b06d45b14b932_arm64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6fe90266c58241180f8548354586b2647146568579687935acc8dd240611872d_amd64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:8118e813acde448251ee6a0e66d36e028f996f2e86f5ad6ba1a2699b04a94be0_amd64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:967d139924314bd44373058ff26ceda4193223936f2528712d3144aeb4785704_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:c20dd71f574381c20abd76ab30c43bf92af0560bedb51fd7c3a6585f047d30ff_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e089e8dd44785e6b54296f26c2ea3740841d0b024fc38283c372e3237734f07e_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:077381bfe6d494aacedfe9ea21398ef4a6f0c3c9e77f7aac84070450bc361de7_ppc64le", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:9d4b4276b923b60782d03d04d65bd290e5f92f201e6c4d9baad08e9eb32561e1_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:a7e6a512ed9cde3ffb8c6214e3c8b697b175d9fe5aaa90ef17fe02cc3144c1a8_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:c01bcc09942867514495c777becea8a8eef83ec80eee838922406cb156977400_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:2289ca68a0a07e537defe02132f6c0efa98368f0fc6fa44fcb75793e788a4c62_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:bb1285348400b3284ac6fa3e98664dfa7303ccc369afe7930c238be3880a87c6_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:bb7dcd344560e3b4c4dad7cc64aa42a8d4388fc5b24cf48fca40543cecbd4dc0_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f3ac64bb95781e0c4bb712accd6ce0949c6dbf653f177571a42f85841bc28ffb_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-08T14:06:03+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:0cd5fe2598a0ea587e07d006ee4e8367e146cbc5ac2409e62b51d0d2eabcd9e7_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4c4b0f10ea3d7eff3f2f6ee81963be829be283ba82e164c553d14f81905156cb_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:592a51ddcf3546502cc21b82be6e3011c20c59ea3740431018b30907ee11e4ac_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:b6bc0ab4ab8f31f81d7c5340918e69cad182b0a5e0669ef45f74f8810b1209f4_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0932" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:c45854097cbbc184830cc41e57518afd1d93b909c5a6bf62d17cd922460f05a2_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:0e167d232bdccdf71846b69631314df97660da3e3581a9a50d78a85925b47883_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:25e99a1b6236720d27af67885dc9977c5a57ed7223ee26e00f97a6c77697fd38_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:911b3a6a531023ec51a42aad73cb56c5710344568226eada7b7332f51bca4167_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:d740ec313b251b04c2fda54b810617d0d61c586598a72a1fff2c39b5ff2b2a23_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:071423618c82b05abb31a7697b1b0f53cf1f6174a4adcc673fd7e080a2353c2e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:00995f237bb8d4ec4fbb7643225a6ba191894f98a269daffba942e5aa1226f73_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:0ef99a61c41e5ba3f013ee8c3cbe3c9455f9089140f0685af4e551fc411dc1d4_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a799a967668e9f45f31be3ee65f2ae6e61fe6dc0b583606f9c57b54c460bb1b6_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d6352ce2ac7178ca7730294f3dc6a2f6f6f85888e52c3621722c548dea09f9_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:1a4555f082a0d0cb9de7b2f6ceade4201917c68949b96cd34242f60ac6b0e452_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:5a654a50c82878518a0ff57cb63b0a7edb4c3019d25dd54bc99cc1c9b842722a_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:5f02319bf9745be1aacfee77cdefc47ff54e7567e89dba56c07b1e17e4447e8e_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f6395b5342fccec8414c71e49a7b8b3a0cdc6238abce4bcef97268f1fdf510ed_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c03b5d752fd169db97532eac64c10871b865fc351536f2b4c471165534c2bf59_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c5f20bed7139363cc8c12fb3d38341027d3660ca1d8d1b3a74b6a2eb0d753ba9_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:d9a3af8383fde0e7e08c8cd6a6679507d621900fc693bd5ed432234fb9184ef2_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:f90bbb41cab58931aab34890b507d5fa2c2ae08b6320d4b35bd367f5dabd8f50_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:2da4527aa8d97669d602c7cf94373e16ee0dc2851e2303de49a919c3a85e1f41_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:50aae19f0750c0f35a905d81a758ff2c9dac6e410a3c6c0b76f9ef8ca112a64f_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:e59f049fac9cdbcdb695efc84d014fee9ed6d13c64ec2e8818fd619aa14dbe1d_amd64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:f861fadfefcf3e81597a33e94285603ea45e1956eb558279cee9a128012d0f59_arm64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c97c94c0904b478fe8b13a5d8127c053859046105a0baf4807700c2234998d9_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:933a3bf79972f2e5c8ba21aac1584778528dc6d090c1269fb9eb7f98bc3748e1_arm64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:eb1994e66ed00564f8dfddcb7b6b3276ef4eaa798099c61b7eea6c803e329e35_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f6b065eded5ec8c80c22a49ca37453dca681f74f8851490a178d813c77f27d62_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:344d9cd561f7c62c6de21d2bac7662827edd530239e5607fa1eb6d1f8ceefdea_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:600e20533b2bb2f67277a19c1fc3a0732da6f01afd01e1b552535669ff88c262_s390x", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:7599a21ef8a5f6867cfc3f9a2a4126847b10060480469a6b91882b97905b0cad_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:d038bb1cb036a12405fd72590ad862a639189117d5876a82c866839907e35f73_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:099dcd31bd02a8608bf9aa62343f4bcb728c02c4ba3628e705258b1c2fabe580_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:90e25734d33a06ef98524c90109eec153ccc6b3ac8f7b7c34214280058bb4c76_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:ced75e473f009c273c7ba9a38bc4a6d6b92eb5e9f561ea1de7abb81ffa207a91_amd64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:ee32b20430cd06c9bcd9349e3f1e8282e9e9a616fb398604b3717f73e6aaab91_s390x", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:5746793b1fec9ffe6a077ba726018617e1b4e766f03b4ccef5dd3f505b3dda2f_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:64bea63dcaac7b40510055f4162b435a3f8088fa1a5fa47028cae7ee04cf4e37_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:92fb27a1aa2b1be0cc5549bc97242f7f05d090e8ba6308f49eb399b742eed3fc_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:d0ad7c6e936658598cef688422e3315e85c8627c49f8449ef48fe1b1602cfa29_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:63c6ea77362370dd1a60c8d654a96bcbf488f5681445a3fc3f9dbe95d2924a5c_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:82c7bf1ee3dc2be95909defbf53292155980d420baf513595739a9391b6c4e19_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:d6c72b1be0243d91713ad5066a74722172d408cd94256bd61f613c9f61cb9030_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:fee87f3de6d9bb44b0436f1fe6c706f7bf1ab7685d1ab00333939a8432492b31_arm64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:0cd5fe2598a0ea587e07d006ee4e8367e146cbc5ac2409e62b51d0d2eabcd9e7_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4c4b0f10ea3d7eff3f2f6ee81963be829be283ba82e164c553d14f81905156cb_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:592a51ddcf3546502cc21b82be6e3011c20c59ea3740431018b30907ee11e4ac_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:b6bc0ab4ab8f31f81d7c5340918e69cad182b0a5e0669ef45f74f8810b1209f4_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:2e1df5346272bcfa8b8d0280df69fa648a0d16516d0b2addb3a12ec14906f4d0_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:03f1cf4cb1eea8dd60eec55b92cefcd3fe9d2194eec1145d693daff66092dee5_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:098747d5fb20f9d871a62f04714a1a2d85561d9f09dd4e0c6733cf9062df80e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:16ddb250e456115e193392a08d322247ff0c8907e36abceab95b06d45b14b932_arm64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6fe90266c58241180f8548354586b2647146568579687935acc8dd240611872d_amd64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:8118e813acde448251ee6a0e66d36e028f996f2e86f5ad6ba1a2699b04a94be0_amd64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:967d139924314bd44373058ff26ceda4193223936f2528712d3144aeb4785704_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:c20dd71f574381c20abd76ab30c43bf92af0560bedb51fd7c3a6585f047d30ff_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e089e8dd44785e6b54296f26c2ea3740841d0b024fc38283c372e3237734f07e_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:077381bfe6d494aacedfe9ea21398ef4a6f0c3c9e77f7aac84070450bc361de7_ppc64le", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:9d4b4276b923b60782d03d04d65bd290e5f92f201e6c4d9baad08e9eb32561e1_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:a7e6a512ed9cde3ffb8c6214e3c8b697b175d9fe5aaa90ef17fe02cc3144c1a8_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:c01bcc09942867514495c777becea8a8eef83ec80eee838922406cb156977400_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:2289ca68a0a07e537defe02132f6c0efa98368f0fc6fa44fcb75793e788a4c62_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:bb1285348400b3284ac6fa3e98664dfa7303ccc369afe7930c238be3880a87c6_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:bb7dcd344560e3b4c4dad7cc64aa42a8d4388fc5b24cf48fca40543cecbd4dc0_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f3ac64bb95781e0c4bb712accd6ce0949c6dbf653f177571a42f85841bc28ffb_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" }, { "cve": "CVE-2022-41717", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2023-01-16T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:c45854097cbbc184830cc41e57518afd1d93b909c5a6bf62d17cd922460f05a2_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:071423618c82b05abb31a7697b1b0f53cf1f6174a4adcc673fd7e080a2353c2e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:00995f237bb8d4ec4fbb7643225a6ba191894f98a269daffba942e5aa1226f73_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:0ef99a61c41e5ba3f013ee8c3cbe3c9455f9089140f0685af4e551fc411dc1d4_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a799a967668e9f45f31be3ee65f2ae6e61fe6dc0b583606f9c57b54c460bb1b6_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d6352ce2ac7178ca7730294f3dc6a2f6f6f85888e52c3621722c548dea09f9_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:1a4555f082a0d0cb9de7b2f6ceade4201917c68949b96cd34242f60ac6b0e452_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:5a654a50c82878518a0ff57cb63b0a7edb4c3019d25dd54bc99cc1c9b842722a_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:5f02319bf9745be1aacfee77cdefc47ff54e7567e89dba56c07b1e17e4447e8e_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f6395b5342fccec8414c71e49a7b8b3a0cdc6238abce4bcef97268f1fdf510ed_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c03b5d752fd169db97532eac64c10871b865fc351536f2b4c471165534c2bf59_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c5f20bed7139363cc8c12fb3d38341027d3660ca1d8d1b3a74b6a2eb0d753ba9_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:d9a3af8383fde0e7e08c8cd6a6679507d621900fc693bd5ed432234fb9184ef2_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:f90bbb41cab58931aab34890b507d5fa2c2ae08b6320d4b35bd367f5dabd8f50_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c97c94c0904b478fe8b13a5d8127c053859046105a0baf4807700c2234998d9_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:933a3bf79972f2e5c8ba21aac1584778528dc6d090c1269fb9eb7f98bc3748e1_arm64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:eb1994e66ed00564f8dfddcb7b6b3276ef4eaa798099c61b7eea6c803e329e35_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f6b065eded5ec8c80c22a49ca37453dca681f74f8851490a178d813c77f27d62_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:344d9cd561f7c62c6de21d2bac7662827edd530239e5607fa1eb6d1f8ceefdea_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:600e20533b2bb2f67277a19c1fc3a0732da6f01afd01e1b552535669ff88c262_s390x", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:7599a21ef8a5f6867cfc3f9a2a4126847b10060480469a6b91882b97905b0cad_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:d038bb1cb036a12405fd72590ad862a639189117d5876a82c866839907e35f73_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:099dcd31bd02a8608bf9aa62343f4bcb728c02c4ba3628e705258b1c2fabe580_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:90e25734d33a06ef98524c90109eec153ccc6b3ac8f7b7c34214280058bb4c76_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:ced75e473f009c273c7ba9a38bc4a6d6b92eb5e9f561ea1de7abb81ffa207a91_amd64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:ee32b20430cd06c9bcd9349e3f1e8282e9e9a616fb398604b3717f73e6aaab91_s390x", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:5746793b1fec9ffe6a077ba726018617e1b4e766f03b4ccef5dd3f505b3dda2f_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:64bea63dcaac7b40510055f4162b435a3f8088fa1a5fa47028cae7ee04cf4e37_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:92fb27a1aa2b1be0cc5549bc97242f7f05d090e8ba6308f49eb399b742eed3fc_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:d0ad7c6e936658598cef688422e3315e85c8627c49f8449ef48fe1b1602cfa29_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:63c6ea77362370dd1a60c8d654a96bcbf488f5681445a3fc3f9dbe95d2924a5c_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:82c7bf1ee3dc2be95909defbf53292155980d420baf513595739a9391b6c4e19_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:d6c72b1be0243d91713ad5066a74722172d408cd94256bd61f613c9f61cb9030_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:fee87f3de6d9bb44b0436f1fe6c706f7bf1ab7685d1ab00333939a8432492b31_arm64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:0cd5fe2598a0ea587e07d006ee4e8367e146cbc5ac2409e62b51d0d2eabcd9e7_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4c4b0f10ea3d7eff3f2f6ee81963be829be283ba82e164c553d14f81905156cb_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:592a51ddcf3546502cc21b82be6e3011c20c59ea3740431018b30907ee11e4ac_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:b6bc0ab4ab8f31f81d7c5340918e69cad182b0a5e0669ef45f74f8810b1209f4_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:2e1df5346272bcfa8b8d0280df69fa648a0d16516d0b2addb3a12ec14906f4d0_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:03f1cf4cb1eea8dd60eec55b92cefcd3fe9d2194eec1145d693daff66092dee5_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:098747d5fb20f9d871a62f04714a1a2d85561d9f09dd4e0c6733cf9062df80e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:16ddb250e456115e193392a08d322247ff0c8907e36abceab95b06d45b14b932_arm64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6fe90266c58241180f8548354586b2647146568579687935acc8dd240611872d_amd64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:8118e813acde448251ee6a0e66d36e028f996f2e86f5ad6ba1a2699b04a94be0_amd64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:967d139924314bd44373058ff26ceda4193223936f2528712d3144aeb4785704_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:c20dd71f574381c20abd76ab30c43bf92af0560bedb51fd7c3a6585f047d30ff_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e089e8dd44785e6b54296f26c2ea3740841d0b024fc38283c372e3237734f07e_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:077381bfe6d494aacedfe9ea21398ef4a6f0c3c9e77f7aac84070450bc361de7_ppc64le", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:9d4b4276b923b60782d03d04d65bd290e5f92f201e6c4d9baad08e9eb32561e1_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:a7e6a512ed9cde3ffb8c6214e3c8b697b175d9fe5aaa90ef17fe02cc3144c1a8_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:c01bcc09942867514495c777becea8a8eef83ec80eee838922406cb156977400_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:2289ca68a0a07e537defe02132f6c0efa98368f0fc6fa44fcb75793e788a4c62_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:bb1285348400b3284ac6fa3e98664dfa7303ccc369afe7930c238be3880a87c6_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:bb7dcd344560e3b4c4dad7cc64aa42a8d4388fc5b24cf48fca40543cecbd4dc0_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f3ac64bb95781e0c4bb712accd6ce0949c6dbf653f177571a42f85841bc28ffb_ppc64le" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2161274" } ], "notes": [ { "category": "description", "text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests", "title": "Vulnerability summary" }, { "category": "other", "text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:0e167d232bdccdf71846b69631314df97660da3e3581a9a50d78a85925b47883_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:25e99a1b6236720d27af67885dc9977c5a57ed7223ee26e00f97a6c77697fd38_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:911b3a6a531023ec51a42aad73cb56c5710344568226eada7b7332f51bca4167_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:d740ec313b251b04c2fda54b810617d0d61c586598a72a1fff2c39b5ff2b2a23_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:2da4527aa8d97669d602c7cf94373e16ee0dc2851e2303de49a919c3a85e1f41_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:50aae19f0750c0f35a905d81a758ff2c9dac6e410a3c6c0b76f9ef8ca112a64f_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:e59f049fac9cdbcdb695efc84d014fee9ed6d13c64ec2e8818fd619aa14dbe1d_amd64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:f861fadfefcf3e81597a33e94285603ea45e1956eb558279cee9a128012d0f59_arm64" ], "known_not_affected": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:c45854097cbbc184830cc41e57518afd1d93b909c5a6bf62d17cd922460f05a2_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:071423618c82b05abb31a7697b1b0f53cf1f6174a4adcc673fd7e080a2353c2e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:00995f237bb8d4ec4fbb7643225a6ba191894f98a269daffba942e5aa1226f73_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:0ef99a61c41e5ba3f013ee8c3cbe3c9455f9089140f0685af4e551fc411dc1d4_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a799a967668e9f45f31be3ee65f2ae6e61fe6dc0b583606f9c57b54c460bb1b6_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d6352ce2ac7178ca7730294f3dc6a2f6f6f85888e52c3621722c548dea09f9_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:1a4555f082a0d0cb9de7b2f6ceade4201917c68949b96cd34242f60ac6b0e452_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:5a654a50c82878518a0ff57cb63b0a7edb4c3019d25dd54bc99cc1c9b842722a_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:5f02319bf9745be1aacfee77cdefc47ff54e7567e89dba56c07b1e17e4447e8e_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f6395b5342fccec8414c71e49a7b8b3a0cdc6238abce4bcef97268f1fdf510ed_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c03b5d752fd169db97532eac64c10871b865fc351536f2b4c471165534c2bf59_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c5f20bed7139363cc8c12fb3d38341027d3660ca1d8d1b3a74b6a2eb0d753ba9_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:d9a3af8383fde0e7e08c8cd6a6679507d621900fc693bd5ed432234fb9184ef2_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:f90bbb41cab58931aab34890b507d5fa2c2ae08b6320d4b35bd367f5dabd8f50_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c97c94c0904b478fe8b13a5d8127c053859046105a0baf4807700c2234998d9_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:933a3bf79972f2e5c8ba21aac1584778528dc6d090c1269fb9eb7f98bc3748e1_arm64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:eb1994e66ed00564f8dfddcb7b6b3276ef4eaa798099c61b7eea6c803e329e35_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f6b065eded5ec8c80c22a49ca37453dca681f74f8851490a178d813c77f27d62_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:344d9cd561f7c62c6de21d2bac7662827edd530239e5607fa1eb6d1f8ceefdea_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:600e20533b2bb2f67277a19c1fc3a0732da6f01afd01e1b552535669ff88c262_s390x", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:7599a21ef8a5f6867cfc3f9a2a4126847b10060480469a6b91882b97905b0cad_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:d038bb1cb036a12405fd72590ad862a639189117d5876a82c866839907e35f73_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:099dcd31bd02a8608bf9aa62343f4bcb728c02c4ba3628e705258b1c2fabe580_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:90e25734d33a06ef98524c90109eec153ccc6b3ac8f7b7c34214280058bb4c76_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:ced75e473f009c273c7ba9a38bc4a6d6b92eb5e9f561ea1de7abb81ffa207a91_amd64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:ee32b20430cd06c9bcd9349e3f1e8282e9e9a616fb398604b3717f73e6aaab91_s390x", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:5746793b1fec9ffe6a077ba726018617e1b4e766f03b4ccef5dd3f505b3dda2f_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:64bea63dcaac7b40510055f4162b435a3f8088fa1a5fa47028cae7ee04cf4e37_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:92fb27a1aa2b1be0cc5549bc97242f7f05d090e8ba6308f49eb399b742eed3fc_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:d0ad7c6e936658598cef688422e3315e85c8627c49f8449ef48fe1b1602cfa29_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:63c6ea77362370dd1a60c8d654a96bcbf488f5681445a3fc3f9dbe95d2924a5c_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:82c7bf1ee3dc2be95909defbf53292155980d420baf513595739a9391b6c4e19_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:d6c72b1be0243d91713ad5066a74722172d408cd94256bd61f613c9f61cb9030_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:fee87f3de6d9bb44b0436f1fe6c706f7bf1ab7685d1ab00333939a8432492b31_arm64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:0cd5fe2598a0ea587e07d006ee4e8367e146cbc5ac2409e62b51d0d2eabcd9e7_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4c4b0f10ea3d7eff3f2f6ee81963be829be283ba82e164c553d14f81905156cb_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:592a51ddcf3546502cc21b82be6e3011c20c59ea3740431018b30907ee11e4ac_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:b6bc0ab4ab8f31f81d7c5340918e69cad182b0a5e0669ef45f74f8810b1209f4_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:2e1df5346272bcfa8b8d0280df69fa648a0d16516d0b2addb3a12ec14906f4d0_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:03f1cf4cb1eea8dd60eec55b92cefcd3fe9d2194eec1145d693daff66092dee5_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:098747d5fb20f9d871a62f04714a1a2d85561d9f09dd4e0c6733cf9062df80e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:16ddb250e456115e193392a08d322247ff0c8907e36abceab95b06d45b14b932_arm64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6fe90266c58241180f8548354586b2647146568579687935acc8dd240611872d_amd64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:8118e813acde448251ee6a0e66d36e028f996f2e86f5ad6ba1a2699b04a94be0_amd64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:967d139924314bd44373058ff26ceda4193223936f2528712d3144aeb4785704_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:c20dd71f574381c20abd76ab30c43bf92af0560bedb51fd7c3a6585f047d30ff_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e089e8dd44785e6b54296f26c2ea3740841d0b024fc38283c372e3237734f07e_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:077381bfe6d494aacedfe9ea21398ef4a6f0c3c9e77f7aac84070450bc361de7_ppc64le", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:9d4b4276b923b60782d03d04d65bd290e5f92f201e6c4d9baad08e9eb32561e1_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:a7e6a512ed9cde3ffb8c6214e3c8b697b175d9fe5aaa90ef17fe02cc3144c1a8_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:c01bcc09942867514495c777becea8a8eef83ec80eee838922406cb156977400_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:2289ca68a0a07e537defe02132f6c0efa98368f0fc6fa44fcb75793e788a4c62_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:bb1285348400b3284ac6fa3e98664dfa7303ccc369afe7930c238be3880a87c6_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:bb7dcd344560e3b4c4dad7cc64aa42a8d4388fc5b24cf48fca40543cecbd4dc0_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f3ac64bb95781e0c4bb712accd6ce0949c6dbf653f177571a42f85841bc28ffb_ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41717" }, { "category": "external", "summary": "RHBZ#2161274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41717" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717" }, { "category": "external", "summary": "https://go.dev/cl/455635", "url": "https://go.dev/cl/455635" }, { "category": "external", "summary": "https://go.dev/cl/455717", "url": "https://go.dev/cl/455717" }, { "category": "external", "summary": "https://go.dev/issue/56350", "url": "https://go.dev/issue/56350" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2022-1144", "url": "https://pkg.go.dev/vuln/GO-2022-1144" } ], "release_date": "2022-11-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-08T14:06:03+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:0e167d232bdccdf71846b69631314df97660da3e3581a9a50d78a85925b47883_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:25e99a1b6236720d27af67885dc9977c5a57ed7223ee26e00f97a6c77697fd38_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:911b3a6a531023ec51a42aad73cb56c5710344568226eada7b7332f51bca4167_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:d740ec313b251b04c2fda54b810617d0d61c586598a72a1fff2c39b5ff2b2a23_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:2da4527aa8d97669d602c7cf94373e16ee0dc2851e2303de49a919c3a85e1f41_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:50aae19f0750c0f35a905d81a758ff2c9dac6e410a3c6c0b76f9ef8ca112a64f_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:e59f049fac9cdbcdb695efc84d014fee9ed6d13c64ec2e8818fd619aa14dbe1d_amd64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:f861fadfefcf3e81597a33e94285603ea45e1956eb558279cee9a128012d0f59_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0932" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:c45854097cbbc184830cc41e57518afd1d93b909c5a6bf62d17cd922460f05a2_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:0e167d232bdccdf71846b69631314df97660da3e3581a9a50d78a85925b47883_s390x", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:25e99a1b6236720d27af67885dc9977c5a57ed7223ee26e00f97a6c77697fd38_arm64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:911b3a6a531023ec51a42aad73cb56c5710344568226eada7b7332f51bca4167_amd64", "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:d740ec313b251b04c2fda54b810617d0d61c586598a72a1fff2c39b5ff2b2a23_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:071423618c82b05abb31a7697b1b0f53cf1f6174a4adcc673fd7e080a2353c2e_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:00995f237bb8d4ec4fbb7643225a6ba191894f98a269daffba942e5aa1226f73_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:0ef99a61c41e5ba3f013ee8c3cbe3c9455f9089140f0685af4e551fc411dc1d4_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:a799a967668e9f45f31be3ee65f2ae6e61fe6dc0b583606f9c57b54c460bb1b6_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e6d6352ce2ac7178ca7730294f3dc6a2f6f6f85888e52c3621722c548dea09f9_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:1a4555f082a0d0cb9de7b2f6ceade4201917c68949b96cd34242f60ac6b0e452_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:5a654a50c82878518a0ff57cb63b0a7edb4c3019d25dd54bc99cc1c9b842722a_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:5f02319bf9745be1aacfee77cdefc47ff54e7567e89dba56c07b1e17e4447e8e_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f6395b5342fccec8414c71e49a7b8b3a0cdc6238abce4bcef97268f1fdf510ed_s390x", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c03b5d752fd169db97532eac64c10871b865fc351536f2b4c471165534c2bf59_ppc64le", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:c5f20bed7139363cc8c12fb3d38341027d3660ca1d8d1b3a74b6a2eb0d753ba9_arm64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:d9a3af8383fde0e7e08c8cd6a6679507d621900fc693bd5ed432234fb9184ef2_amd64", "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:f90bbb41cab58931aab34890b507d5fa2c2ae08b6320d4b35bd367f5dabd8f50_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:2da4527aa8d97669d602c7cf94373e16ee0dc2851e2303de49a919c3a85e1f41_ppc64le", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:50aae19f0750c0f35a905d81a758ff2c9dac6e410a3c6c0b76f9ef8ca112a64f_s390x", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:e59f049fac9cdbcdb695efc84d014fee9ed6d13c64ec2e8818fd619aa14dbe1d_amd64", "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:f861fadfefcf3e81597a33e94285603ea45e1956eb558279cee9a128012d0f59_arm64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c97c94c0904b478fe8b13a5d8127c053859046105a0baf4807700c2234998d9_amd64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:933a3bf79972f2e5c8ba21aac1584778528dc6d090c1269fb9eb7f98bc3748e1_arm64", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:eb1994e66ed00564f8dfddcb7b6b3276ef4eaa798099c61b7eea6c803e329e35_s390x", "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:f6b065eded5ec8c80c22a49ca37453dca681f74f8851490a178d813c77f27d62_ppc64le", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:344d9cd561f7c62c6de21d2bac7662827edd530239e5607fa1eb6d1f8ceefdea_amd64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:600e20533b2bb2f67277a19c1fc3a0732da6f01afd01e1b552535669ff88c262_s390x", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:7599a21ef8a5f6867cfc3f9a2a4126847b10060480469a6b91882b97905b0cad_arm64", "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:d038bb1cb036a12405fd72590ad862a639189117d5876a82c866839907e35f73_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:099dcd31bd02a8608bf9aa62343f4bcb728c02c4ba3628e705258b1c2fabe580_arm64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:90e25734d33a06ef98524c90109eec153ccc6b3ac8f7b7c34214280058bb4c76_ppc64le", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:ced75e473f009c273c7ba9a38bc4a6d6b92eb5e9f561ea1de7abb81ffa207a91_amd64", "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:ee32b20430cd06c9bcd9349e3f1e8282e9e9a616fb398604b3717f73e6aaab91_s390x", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:5746793b1fec9ffe6a077ba726018617e1b4e766f03b4ccef5dd3f505b3dda2f_arm64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:64bea63dcaac7b40510055f4162b435a3f8088fa1a5fa47028cae7ee04cf4e37_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:92fb27a1aa2b1be0cc5549bc97242f7f05d090e8ba6308f49eb399b742eed3fc_amd64", "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:d0ad7c6e936658598cef688422e3315e85c8627c49f8449ef48fe1b1602cfa29_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:63c6ea77362370dd1a60c8d654a96bcbf488f5681445a3fc3f9dbe95d2924a5c_s390x", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:82c7bf1ee3dc2be95909defbf53292155980d420baf513595739a9391b6c4e19_amd64", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:d6c72b1be0243d91713ad5066a74722172d408cd94256bd61f613c9f61cb9030_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:fee87f3de6d9bb44b0436f1fe6c706f7bf1ab7685d1ab00333939a8432492b31_arm64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:0cd5fe2598a0ea587e07d006ee4e8367e146cbc5ac2409e62b51d0d2eabcd9e7_ppc64le", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4c4b0f10ea3d7eff3f2f6ee81963be829be283ba82e164c553d14f81905156cb_s390x", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:592a51ddcf3546502cc21b82be6e3011c20c59ea3740431018b30907ee11e4ac_amd64", "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:b6bc0ab4ab8f31f81d7c5340918e69cad182b0a5e0669ef45f74f8810b1209f4_arm64", "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:2e1df5346272bcfa8b8d0280df69fa648a0d16516d0b2addb3a12ec14906f4d0_amd64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:03f1cf4cb1eea8dd60eec55b92cefcd3fe9d2194eec1145d693daff66092dee5_s390x", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:098747d5fb20f9d871a62f04714a1a2d85561d9f09dd4e0c6733cf9062df80e1_ppc64le", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:16ddb250e456115e193392a08d322247ff0c8907e36abceab95b06d45b14b932_arm64", "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6fe90266c58241180f8548354586b2647146568579687935acc8dd240611872d_amd64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:8118e813acde448251ee6a0e66d36e028f996f2e86f5ad6ba1a2699b04a94be0_amd64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:967d139924314bd44373058ff26ceda4193223936f2528712d3144aeb4785704_arm64", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:c20dd71f574381c20abd76ab30c43bf92af0560bedb51fd7c3a6585f047d30ff_ppc64le", "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e089e8dd44785e6b54296f26c2ea3740841d0b024fc38283c372e3237734f07e_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:077381bfe6d494aacedfe9ea21398ef4a6f0c3c9e77f7aac84070450bc361de7_ppc64le", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:9d4b4276b923b60782d03d04d65bd290e5f92f201e6c4d9baad08e9eb32561e1_s390x", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:a7e6a512ed9cde3ffb8c6214e3c8b697b175d9fe5aaa90ef17fe02cc3144c1a8_arm64", "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:c01bcc09942867514495c777becea8a8eef83ec80eee838922406cb156977400_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:2289ca68a0a07e537defe02132f6c0efa98368f0fc6fa44fcb75793e788a4c62_arm64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:bb1285348400b3284ac6fa3e98664dfa7303ccc369afe7930c238be3880a87c6_s390x", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:bb7dcd344560e3b4c4dad7cc64aa42a8d4388fc5b24cf48fca40543cecbd4dc0_amd64", "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f3ac64bb95781e0c4bb712accd6ce0949c6dbf653f177571a42f85841bc28ffb_ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests" } ] }
rhsa-2023_0794
Vulnerability from csaf_redhat
Published
2023-02-15 21:17
Modified
2024-12-10 17:43
Summary
Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.4 bug fixes and security updates
Notes
Topic
Red Hat Advanced Cluster Management for Kubernetes 2.6.4 General
Availability release images, which fix bugs and update container images.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE links in the References section.
Details
Red Hat Advanced Cluster Management for Kubernetes 2.6.4 images
Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments. Clusters and applications are all visible and
managed from a single console—with security policy built in.
This advisory contains the container images for Red Hat Advanced Cluster
Management for Kubernetes, which fix several bugs. See the following
Release Notes documentation, which will be updated shortly for this
release, for additional details about this release:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/release_notes/
Issue addressed:
* RHACM 2.6.4 images (BZ# 2153382)
Security fixes:
* CVE-2022-24999 express: "qs" prototype poisoning causes the hang of the node process
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat Advanced Cluster Management for Kubernetes 2.6.4 General\nAvailability release images, which fix bugs and update container images.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Advanced Cluster Management for Kubernetes 2.6.4 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in.\n\nThis advisory contains the container images for Red Hat Advanced Cluster\nManagement for Kubernetes, which fix several bugs. See the following\nRelease Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html/release_notes/\n\nIssue addressed:\n\n* RHACM 2.6.4 images (BZ# 2153382)\n\nSecurity fixes:\n\n* CVE-2022-24999 express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0794", "url": "https://access.redhat.com/errata/RHSA-2023:0794" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "2153382", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2153382" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0794.json" } ], "title": "Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.4 bug fixes and security updates", "tracking": { "current_release_date": "2024-12-10T17:43:04+00:00", "generator": { "date": "2024-12-10T17:43:04+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2023:0794", "initial_release_date": "2023-02-15T21:17:30+00:00", "revision_history": [ { "date": "2023-02-15T21:17:30+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-02-15T21:17:30+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-10T17:43:04+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product": { "name": "Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:acm:2.6::el8" } } } ], "category": "product_family", "name": "Red Hat ACM" }, { "branches": [ { "category": "product_version", "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:016f483a5e59153e14800c37d7e16da2fd074dcb84e0db61521c209d148e4fd3_s390x", "product": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:016f483a5e59153e14800c37d7e16da2fd074dcb84e0db61521c209d148e4fd3_s390x", "product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:016f483a5e59153e14800c37d7e16da2fd074dcb84e0db61521c209d148e4fd3_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:016f483a5e59153e14800c37d7e16da2fd074dcb84e0db61521c209d148e4fd3?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/acm-grafana-rhel8@sha256:899cb767f3e31ec536ca9d48930b1eaabb4907e6ec65d99fe0b9e186d0df6ca2_s390x", "product": { "name": "rhacm2/acm-grafana-rhel8@sha256:899cb767f3e31ec536ca9d48930b1eaabb4907e6ec65d99fe0b9e186d0df6ca2_s390x", "product_id": "rhacm2/acm-grafana-rhel8@sha256:899cb767f3e31ec536ca9d48930b1eaabb4907e6ec65d99fe0b9e186d0df6ca2_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-grafana-rhel8@sha256:899cb767f3e31ec536ca9d48930b1eaabb4907e6ec65d99fe0b9e186d0df6ca2?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/acm-must-gather-rhel8@sha256:dda9d7c21f0ed27d0362402e7b5ce2883ab00b5122c1183b62072b7b2f558d8c_s390x", "product": { "name": "rhacm2/acm-must-gather-rhel8@sha256:dda9d7c21f0ed27d0362402e7b5ce2883ab00b5122c1183b62072b7b2f558d8c_s390x", "product_id": "rhacm2/acm-must-gather-rhel8@sha256:dda9d7c21f0ed27d0362402e7b5ce2883ab00b5122c1183b62072b7b2f558d8c_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-must-gather-rhel8@sha256:dda9d7c21f0ed27d0362402e7b5ce2883ab00b5122c1183b62072b7b2f558d8c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/acm-operator-bundle@sha256:5974496dcb98fb518cff7eb1d65fa84b44ca498d6b226715815152e4da018257_s390x", "product": { "name": "rhacm2/acm-operator-bundle@sha256:5974496dcb98fb518cff7eb1d65fa84b44ca498d6b226715815152e4da018257_s390x", "product_id": "rhacm2/acm-operator-bundle@sha256:5974496dcb98fb518cff7eb1d65fa84b44ca498d6b226715815152e4da018257_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-operator-bundle@sha256:5974496dcb98fb518cff7eb1d65fa84b44ca498d6b226715815152e4da018257?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.6.4-31" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0cb8bc0ed7d77f5a21023dbe793bf9e56e36dbbc7488f5998c999c7593e55e73_s390x", "product": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0cb8bc0ed7d77f5a21023dbe793bf9e56e36dbbc7488f5998c999c7593e55e73_s390x", "product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0cb8bc0ed7d77f5a21023dbe793bf9e56e36dbbc7488f5998c999c7593e55e73_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:0cb8bc0ed7d77f5a21023dbe793bf9e56e36dbbc7488f5998c999c7593e55e73?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-rhel8@sha256:a31024043f963ee49a4eaab131085952742ef082e1c47cc676998d6dcf207a6f_s390x", "product": { "name": "rhacm2/acm-prometheus-rhel8@sha256:a31024043f963ee49a4eaab131085952742ef082e1c47cc676998d6dcf207a6f_s390x", "product_id": "rhacm2/acm-prometheus-rhel8@sha256:a31024043f963ee49a4eaab131085952742ef082e1c47cc676998d6dcf207a6f_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-rhel8@sha256:a31024043f963ee49a4eaab131085952742ef082e1c47cc676998d6dcf207a6f?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:7dc6c8a7939703d32323f7808810b1358aa34c080e1171cf7e5cb2a5a79e86ce_s390x", "product": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:7dc6c8a7939703d32323f7808810b1358aa34c080e1171cf7e5cb2a5a79e86ce_s390x", "product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:7dc6c8a7939703d32323f7808810b1358aa34c080e1171cf7e5cb2a5a79e86ce_s390x", "product_identification_helper": { "purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:7dc6c8a7939703d32323f7808810b1358aa34c080e1171cf7e5cb2a5a79e86ce?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:c3688d17fdae2a92ac51771fff354666ae0caaa298dc155e477a43b4f5c56133_s390x", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:c3688d17fdae2a92ac51771fff354666ae0caaa298dc155e477a43b4f5c56133_s390x", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:c3688d17fdae2a92ac51771fff354666ae0caaa298dc155e477a43b4f5c56133_s390x", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:c3688d17fdae2a92ac51771fff354666ae0caaa298dc155e477a43b4f5c56133?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/cluster-backup-rhel8-operator@sha256:5adb81f731b8399658946e6adadb67588f31d8edf3affbddfd7587afe0b487ae_s390x", "product": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:5adb81f731b8399658946e6adadb67588f31d8edf3affbddfd7587afe0b487ae_s390x", "product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:5adb81f731b8399658946e6adadb67588f31d8edf3affbddfd7587afe0b487ae_s390x", "product_identification_helper": { "purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:5adb81f731b8399658946e6adadb67588f31d8edf3affbddfd7587afe0b487ae?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:80b49ccd71c92b359e8d872e47e8c5c5f8cc4d538fe5d62f1866b30d012ad0ab_s390x", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:80b49ccd71c92b359e8d872e47e8c5c5f8cc4d538fe5d62f1866b30d012ad0ab_s390x", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:80b49ccd71c92b359e8d872e47e8c5c5f8cc4d538fe5d62f1866b30d012ad0ab_s390x", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:80b49ccd71c92b359e8d872e47e8c5c5f8cc4d538fe5d62f1866b30d012ad0ab?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/console-rhel8@sha256:6a0d8b3b5245d310b97053106f3efd1bad5c9f36a0e1e95d7a8422203a79c9ce_s390x", "product": { "name": "rhacm2/console-rhel8@sha256:6a0d8b3b5245d310b97053106f3efd1bad5c9f36a0e1e95d7a8422203a79c9ce_s390x", "product_id": "rhacm2/console-rhel8@sha256:6a0d8b3b5245d310b97053106f3efd1bad5c9f36a0e1e95d7a8422203a79c9ce_s390x", "product_identification_helper": { "purl": "pkg:oci/console-rhel8@sha256:6a0d8b3b5245d310b97053106f3efd1bad5c9f36a0e1e95d7a8422203a79c9ce?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.6.4-18" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:60ffd918bb2555301ff77cc9aa0ed07b972055f5e3479cd272e2a37a25f6dca9_s390x", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:60ffd918bb2555301ff77cc9aa0ed07b972055f5e3479cd272e2a37a25f6dca9_s390x", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:60ffd918bb2555301ff77cc9aa0ed07b972055f5e3479cd272e2a37a25f6dca9_s390x", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:60ffd918bb2555301ff77cc9aa0ed07b972055f5e3479cd272e2a37a25f6dca9?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-propagator-rhel8@sha256:36311cf8452859515d1f38890c24be9a2700f57c56aa400899d055b115fa584c_s390x", "product": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:36311cf8452859515d1f38890c24be9a2700f57c56aa400899d055b115fa584c_s390x", "product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:36311cf8452859515d1f38890c24be9a2700f57c56aa400899d055b115fa584c_s390x", "product_identification_helper": { "purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:36311cf8452859515d1f38890c24be9a2700f57c56aa400899d055b115fa584c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d4d0e7ba33b9e6d6587ce1b28ec25adc1e089d501d877d89ca648b63fb2a277e_s390x", "product": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d4d0e7ba33b9e6d6587ce1b28ec25adc1e089d501d877d89ca648b63fb2a277e_s390x", "product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d4d0e7ba33b9e6d6587ce1b28ec25adc1e089d501d877d89ca648b63fb2a277e_s390x", "product_identification_helper": { "purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:d4d0e7ba33b9e6d6587ce1b28ec25adc1e089d501d877d89ca648b63fb2a277e?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:e3676c01071ea21f4fac104f37498fdf5b3fba1a179ba9cc711e6fcec30e82e8_s390x", "product": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:e3676c01071ea21f4fac104f37498fdf5b3fba1a179ba9cc711e6fcec30e82e8_s390x", "product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:e3676c01071ea21f4fac104f37498fdf5b3fba1a179ba9cc711e6fcec30e82e8_s390x", "product_identification_helper": { "purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:e3676c01071ea21f4fac104f37498fdf5b3fba1a179ba9cc711e6fcec30e82e8?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:1eb6675c10505c3879114b1943b507e0fbfa25f036a5f16135620e45dbf7658c_s390x", "product": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:1eb6675c10505c3879114b1943b507e0fbfa25f036a5f16135620e45dbf7658c_s390x", "product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:1eb6675c10505c3879114b1943b507e0fbfa25f036a5f16135620e45dbf7658c_s390x", "product_identification_helper": { "purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:1eb6675c10505c3879114b1943b507e0fbfa25f036a5f16135620e45dbf7658c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:80418945860182a602c612527776d46f785d3559f785830f7c6e82393d19cb4d_s390x", "product": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:80418945860182a602c612527776d46f785d3559f785830f7c6e82393d19cb4d_s390x", "product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:80418945860182a602c612527776d46f785d3559f785830f7c6e82393d19cb4d_s390x", "product_identification_helper": { "purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:80418945860182a602c612527776d46f785d3559f785830f7c6e82393d19cb4d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:5c6a3d48b7cb1e8232982c5eac1a2b4387c282dfd605e2a557bec96f1f933f6d_s390x", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:5c6a3d48b7cb1e8232982c5eac1a2b4387c282dfd605e2a557bec96f1f933f6d_s390x", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:5c6a3d48b7cb1e8232982c5eac1a2b4387c282dfd605e2a557bec96f1f933f6d_s390x", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:5c6a3d48b7cb1e8232982c5eac1a2b4387c282dfd605e2a557bec96f1f933f6d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/insights-client-rhel8@sha256:bc072c76f3859a263c3d16910d35970be75b2e5f38372e8fdaf2d3aafbac56a0_s390x", "product": { "name": "rhacm2/insights-client-rhel8@sha256:bc072c76f3859a263c3d16910d35970be75b2e5f38372e8fdaf2d3aafbac56a0_s390x", "product_id": "rhacm2/insights-client-rhel8@sha256:bc072c76f3859a263c3d16910d35970be75b2e5f38372e8fdaf2d3aafbac56a0_s390x", "product_identification_helper": { "purl": "pkg:oci/insights-client-rhel8@sha256:bc072c76f3859a263c3d16910d35970be75b2e5f38372e8fdaf2d3aafbac56a0?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/insights-metrics-rhel8@sha256:ff06b32d082d92e28c1717004064d3c7d86bfd0216397c945c15728a6ee215ef_s390x", "product": { "name": "rhacm2/insights-metrics-rhel8@sha256:ff06b32d082d92e28c1717004064d3c7d86bfd0216397c945c15728a6ee215ef_s390x", "product_id": "rhacm2/insights-metrics-rhel8@sha256:ff06b32d082d92e28c1717004064d3c7d86bfd0216397c945c15728a6ee215ef_s390x", "product_identification_helper": { "purl": "pkg:oci/insights-metrics-rhel8@sha256:ff06b32d082d92e28c1717004064d3c7d86bfd0216397c945c15728a6ee215ef?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:797874e0775333e4a49efccafb02457047626957bdbb1433daf23760971ced06_s390x", "product": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:797874e0775333e4a49efccafb02457047626957bdbb1433daf23760971ced06_s390x", "product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:797874e0775333e4a49efccafb02457047626957bdbb1433daf23760971ced06_s390x", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:797874e0775333e4a49efccafb02457047626957bdbb1433daf23760971ced06?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:fd688c4075f922cbe83adcb086ff46a532305254b5afe9a4e47da04834a23a5a_s390x", "product": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:fd688c4075f922cbe83adcb086ff46a532305254b5afe9a4e47da04834a23a5a_s390x", "product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:fd688c4075f922cbe83adcb086ff46a532305254b5afe9a4e47da04834a23a5a_s390x", "product_identification_helper": { "purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:fd688c4075f922cbe83adcb086ff46a532305254b5afe9a4e47da04834a23a5a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/kube-state-metrics-rhel8@sha256:ef2946f0a6f2d46dd41ddb074dc570ab34eadd1abfc4ed0ef71ab3821c3e5b06_s390x", "product": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:ef2946f0a6f2d46dd41ddb074dc570ab34eadd1abfc4ed0ef71ab3821c3e5b06_s390x", "product_id": "rhacm2/kube-state-metrics-rhel8@sha256:ef2946f0a6f2d46dd41ddb074dc570ab34eadd1abfc4ed0ef71ab3821c3e5b06_s390x", "product_identification_helper": { "purl": "pkg:oci/kube-state-metrics-rhel8@sha256:ef2946f0a6f2d46dd41ddb074dc570ab34eadd1abfc4ed0ef71ab3821c3e5b06?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/management-ingress-rhel8@sha256:58775de0ea7bc5d9ca4545b0c93c0bab71d0c4e0bcc21e86bc6f6e799875ff23_s390x", "product": { "name": "rhacm2/management-ingress-rhel8@sha256:58775de0ea7bc5d9ca4545b0c93c0bab71d0c4e0bcc21e86bc6f6e799875ff23_s390x", "product_id": "rhacm2/management-ingress-rhel8@sha256:58775de0ea7bc5d9ca4545b0c93c0bab71d0c4e0bcc21e86bc6f6e799875ff23_s390x", "product_identification_helper": { "purl": "pkg:oci/management-ingress-rhel8@sha256:58775de0ea7bc5d9ca4545b0c93c0bab71d0c4e0bcc21e86bc6f6e799875ff23?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/memcached-rhel8@sha256:fd666a970e27a34561fc0ec031d86f2e7f453e3865e68289dc5b592387dcad70_s390x", "product": { "name": "rhacm2/memcached-rhel8@sha256:fd666a970e27a34561fc0ec031d86f2e7f453e3865e68289dc5b592387dcad70_s390x", "product_id": "rhacm2/memcached-rhel8@sha256:fd666a970e27a34561fc0ec031d86f2e7f453e3865e68289dc5b592387dcad70_s390x", "product_identification_helper": { "purl": "pkg:oci/memcached-rhel8@sha256:fd666a970e27a34561fc0ec031d86f2e7f453e3865e68289dc5b592387dcad70?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.6.4-4" } } }, { "category": "product_version", "name": "rhacm2/memcached-exporter-rhel8@sha256:15b0ce69868674b0f82ae4baf3590a54e01d9ebcc9dbc793e31f923289f8a975_s390x", "product": { "name": "rhacm2/memcached-exporter-rhel8@sha256:15b0ce69868674b0f82ae4baf3590a54e01d9ebcc9dbc793e31f923289f8a975_s390x", "product_id": "rhacm2/memcached-exporter-rhel8@sha256:15b0ce69868674b0f82ae4baf3590a54e01d9ebcc9dbc793e31f923289f8a975_s390x", "product_identification_helper": { "purl": "pkg:oci/memcached-exporter-rhel8@sha256:15b0ce69868674b0f82ae4baf3590a54e01d9ebcc9dbc793e31f923289f8a975?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:dc64483b0208b0a1cc1fbc463364f58ac7aab2eaa259c4f4e8e78ccaf89d2998_s390x", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:dc64483b0208b0a1cc1fbc463364f58ac7aab2eaa259c4f4e8e78ccaf89d2998_s390x", "product_id": "rhacm2/metrics-collector-rhel8@sha256:dc64483b0208b0a1cc1fbc463364f58ac7aab2eaa259c4f4e8e78ccaf89d2998_s390x", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:dc64483b0208b0a1cc1fbc463364f58ac7aab2eaa259c4f4e8e78ccaf89d2998?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/multicloud-integrations-rhel8@sha256:bb4fda4fdce6dcf70c3aae9c8d3ab9cf0c8c37c148558b9cf66872045dc3a1dd_s390x", "product": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:bb4fda4fdce6dcf70c3aae9c8d3ab9cf0c8c37c148558b9cf66872045dc3a1dd_s390x", "product_id": "rhacm2/multicloud-integrations-rhel8@sha256:bb4fda4fdce6dcf70c3aae9c8d3ab9cf0c8c37c148558b9cf66872045dc3a1dd_s390x", "product_identification_helper": { "purl": "pkg:oci/multicloud-integrations-rhel8@sha256:bb4fda4fdce6dcf70c3aae9c8d3ab9cf0c8c37c148558b9cf66872045dc3a1dd?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-rhel8@sha256:6872989663e4716682420fbbb47e73bf259d1eea70d649bebb29b317ef36916a_s390x", "product": { "name": "rhacm2/multiclusterhub-rhel8@sha256:6872989663e4716682420fbbb47e73bf259d1eea70d649bebb29b317ef36916a_s390x", "product_id": "rhacm2/multiclusterhub-rhel8@sha256:6872989663e4716682420fbbb47e73bf259d1eea70d649bebb29b317ef36916a_s390x", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-rhel8@sha256:6872989663e4716682420fbbb47e73bf259d1eea70d649bebb29b317ef36916a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:5ccf00aa7a2af38f1521e8738a0c727a564723a0f5bead3f0a57c219b79b4590_s390x", "product": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:5ccf00aa7a2af38f1521e8738a0c727a564723a0f5bead3f0a57c219b79b4590_s390x", "product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:5ccf00aa7a2af38f1521e8738a0c727a564723a0f5bead3f0a57c219b79b4590_s390x", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:5ccf00aa7a2af38f1521e8738a0c727a564723a0f5bead3f0a57c219b79b4590?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:9ff85e41b931a9856f0ff290f6cbfd461bc7fd3dfc36b40c656273a36c81cadd_s390x", "product": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:9ff85e41b931a9856f0ff290f6cbfd461bc7fd3dfc36b40c656273a36c81cadd_s390x", "product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:9ff85e41b931a9856f0ff290f6cbfd461bc7fd3dfc36b40c656273a36c81cadd_s390x", "product_identification_helper": { "purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:9ff85e41b931a9856f0ff290f6cbfd461bc7fd3dfc36b40c656273a36c81cadd?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-application-rhel8@sha256:f25f468c8bf12bef03b9d38400da0b11a97360afb1b163571e32f8c66509d723_s390x", "product": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:f25f468c8bf12bef03b9d38400da0b11a97360afb1b163571e32f8c66509d723_s390x", "product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:f25f468c8bf12bef03b9d38400da0b11a97360afb1b163571e32f8c66509d723_s390x", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:f25f468c8bf12bef03b9d38400da0b11a97360afb1b163571e32f8c66509d723?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:88327afd50a1735b903d5fb9dc8c5f12c1367dd2293bf64708002890f52741a0_s390x", "product": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:88327afd50a1735b903d5fb9dc8c5f12c1367dd2293bf64708002890f52741a0_s390x", "product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:88327afd50a1735b903d5fb9dc8c5f12c1367dd2293bf64708002890f52741a0_s390x", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:88327afd50a1735b903d5fb9dc8c5f12c1367dd2293bf64708002890f52741a0?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:841da85404d50361fbf25c135ebf40cc86abb853031dd36bfa0ccd0d811d9fd4_s390x", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:841da85404d50361fbf25c135ebf40cc86abb853031dd36bfa0ccd0d811d9fd4_s390x", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:841da85404d50361fbf25c135ebf40cc86abb853031dd36bfa0ccd0d811d9fd4_s390x", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:841da85404d50361fbf25c135ebf40cc86abb853031dd36bfa0ccd0d811d9fd4?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/node-exporter-rhel8@sha256:8d9f9e38e1867643b8e57443e97a5d7772a8a2adf547b5f0c5a259dc49916417_s390x", "product": { "name": "rhacm2/node-exporter-rhel8@sha256:8d9f9e38e1867643b8e57443e97a5d7772a8a2adf547b5f0c5a259dc49916417_s390x", "product_id": "rhacm2/node-exporter-rhel8@sha256:8d9f9e38e1867643b8e57443e97a5d7772a8a2adf547b5f0c5a259dc49916417_s390x", "product_identification_helper": { "purl": "pkg:oci/node-exporter-rhel8@sha256:8d9f9e38e1867643b8e57443e97a5d7772a8a2adf547b5f0c5a259dc49916417?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8@sha256:ee861a555f0d02bf7aabc3e20704f865610c0f4f50a14a5a525b2e97d166870a_s390x", "product": { "name": "rhacm2/observatorium-rhel8@sha256:ee861a555f0d02bf7aabc3e20704f865610c0f4f50a14a5a525b2e97d166870a_s390x", "product_id": "rhacm2/observatorium-rhel8@sha256:ee861a555f0d02bf7aabc3e20704f865610c0f4f50a14a5a525b2e97d166870a_s390x", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8@sha256:ee861a555f0d02bf7aabc3e20704f865610c0f4f50a14a5a525b2e97d166870a?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8-operator@sha256:3a96c1d964c7c5f39da73a2f846ad58311c0531f20789f48e229211139255200_s390x", "product": { "name": "rhacm2/observatorium-rhel8-operator@sha256:3a96c1d964c7c5f39da73a2f846ad58311c0531f20789f48e229211139255200_s390x", "product_id": "rhacm2/observatorium-rhel8-operator@sha256:3a96c1d964c7c5f39da73a2f846ad58311c0531f20789f48e229211139255200_s390x", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8-operator@sha256:3a96c1d964c7c5f39da73a2f846ad58311c0531f20789f48e229211139255200?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:b2675cddc1075d884c8241ea3c57991cd6bd80e810f0581a0a637f39664be44d_s390x", "product": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:b2675cddc1075d884c8241ea3c57991cd6bd80e810f0581a0a637f39664be44d_s390x", "product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:b2675cddc1075d884c8241ea3c57991cd6bd80e810f0581a0a637f39664be44d_s390x", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:b2675cddc1075d884c8241ea3c57991cd6bd80e810f0581a0a637f39664be44d?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/prometheus-rhel8@sha256:8e970b2b36adb7ab6c477c7d6f03319ea6e4f294cd3a795fe3c71bdbaffe6116_s390x", "product": { "name": "rhacm2/prometheus-rhel8@sha256:8e970b2b36adb7ab6c477c7d6f03319ea6e4f294cd3a795fe3c71bdbaffe6116_s390x", "product_id": "rhacm2/prometheus-rhel8@sha256:8e970b2b36adb7ab6c477c7d6f03319ea6e4f294cd3a795fe3c71bdbaffe6116_s390x", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:8e970b2b36adb7ab6c477c7d6f03319ea6e4f294cd3a795fe3c71bdbaffe6116?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.6.4-5" } } }, { "category": "product_version", "name": "rhacm2/rbac-query-proxy-rhel8@sha256:2ed5806d7fa79c6a66ac58a18d7d1965a93f5014601aa47d7c17ab702074f7e7_s390x", "product": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:2ed5806d7fa79c6a66ac58a18d7d1965a93f5014601aa47d7c17ab702074f7e7_s390x", "product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:2ed5806d7fa79c6a66ac58a18d7d1965a93f5014601aa47d7c17ab702074f7e7_s390x", "product_identification_helper": { "purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:2ed5806d7fa79c6a66ac58a18d7d1965a93f5014601aa47d7c17ab702074f7e7?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/redisgraph-tls-rhel8@sha256:e92a956984d1cf5aa52e10385ab5bc2e311c417e1e0c2f78164acb7eebdb5736_s390x", "product": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:e92a956984d1cf5aa52e10385ab5bc2e311c417e1e0c2f78164acb7eebdb5736_s390x", "product_id": "rhacm2/redisgraph-tls-rhel8@sha256:e92a956984d1cf5aa52e10385ab5bc2e311c417e1e0c2f78164acb7eebdb5736_s390x", "product_identification_helper": { "purl": "pkg:oci/redisgraph-tls-rhel8@sha256:e92a956984d1cf5aa52e10385ab5bc2e311c417e1e0c2f78164acb7eebdb5736?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.6.4-5" } } }, { "category": "product_version", "name": "rhacm2/search-aggregator-rhel8@sha256:fd9b1ce2754afa36b13afcfd1f858d8349e7ce8da772581000f6d4cf022fa6a9_s390x", "product": { "name": "rhacm2/search-aggregator-rhel8@sha256:fd9b1ce2754afa36b13afcfd1f858d8349e7ce8da772581000f6d4cf022fa6a9_s390x", "product_id": "rhacm2/search-aggregator-rhel8@sha256:fd9b1ce2754afa36b13afcfd1f858d8349e7ce8da772581000f6d4cf022fa6a9_s390x", "product_identification_helper": { "purl": "pkg:oci/search-aggregator-rhel8@sha256:fd9b1ce2754afa36b13afcfd1f858d8349e7ce8da772581000f6d4cf022fa6a9?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/search-api-rhel8@sha256:f1837082f8b4f9f7eae400a787caf3d5b96d350a34adfc018af912f271d63743_s390x", "product": { "name": "rhacm2/search-api-rhel8@sha256:f1837082f8b4f9f7eae400a787caf3d5b96d350a34adfc018af912f271d63743_s390x", "product_id": "rhacm2/search-api-rhel8@sha256:f1837082f8b4f9f7eae400a787caf3d5b96d350a34adfc018af912f271d63743_s390x", "product_identification_helper": { "purl": "pkg:oci/search-api-rhel8@sha256:f1837082f8b4f9f7eae400a787caf3d5b96d350a34adfc018af912f271d63743?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.6.4-9" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:a42328709ffb7f22214f7f0b6de4974b5d995124e88607d3d3375fa78ba801e2_s390x", "product": { "name": "rhacm2/search-collector-rhel8@sha256:a42328709ffb7f22214f7f0b6de4974b5d995124e88607d3d3375fa78ba801e2_s390x", "product_id": "rhacm2/search-collector-rhel8@sha256:a42328709ffb7f22214f7f0b6de4974b5d995124e88607d3d3375fa78ba801e2_s390x", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:a42328709ffb7f22214f7f0b6de4974b5d995124e88607d3d3375fa78ba801e2?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.6.4-5" } } }, { "category": "product_version", "name": "rhacm2/search-rhel8@sha256:fd44c058a007d51f81da06eb05c3e40222989b51a3b42f2c5d4348e688bebd12_s390x", "product": { "name": "rhacm2/search-rhel8@sha256:fd44c058a007d51f81da06eb05c3e40222989b51a3b42f2c5d4348e688bebd12_s390x", "product_id": "rhacm2/search-rhel8@sha256:fd44c058a007d51f81da06eb05c3e40222989b51a3b42f2c5d4348e688bebd12_s390x", "product_identification_helper": { "purl": "pkg:oci/search-rhel8@sha256:fd44c058a007d51f81da06eb05c3e40222989b51a3b42f2c5d4348e688bebd12?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/submariner-addon-rhel8@sha256:6e89d7a3e6bf3c28253dd95cf29574d8c4f4719025ce5f80834f08327d106a34_s390x", "product": { "name": "rhacm2/submariner-addon-rhel8@sha256:6e89d7a3e6bf3c28253dd95cf29574d8c4f4719025ce5f80834f08327d106a34_s390x", "product_id": "rhacm2/submariner-addon-rhel8@sha256:6e89d7a3e6bf3c28253dd95cf29574d8c4f4719025ce5f80834f08327d106a34_s390x", "product_identification_helper": { "purl": "pkg:oci/submariner-addon-rhel8@sha256:6e89d7a3e6bf3c28253dd95cf29574d8c4f4719025ce5f80834f08327d106a34?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.6.4-11" } } }, { "category": "product_version", "name": "rhacm2/thanos-rhel8@sha256:ec6a6a410dc9fa64060cbc030c22ce8eb2df057f2dbcf38f39a830cc03c79152_s390x", "product": { "name": "rhacm2/thanos-rhel8@sha256:ec6a6a410dc9fa64060cbc030c22ce8eb2df057f2dbcf38f39a830cc03c79152_s390x", "product_id": "rhacm2/thanos-rhel8@sha256:ec6a6a410dc9fa64060cbc030c22ce8eb2df057f2dbcf38f39a830cc03c79152_s390x", "product_identification_helper": { "purl": "pkg:oci/thanos-rhel8@sha256:ec6a6a410dc9fa64060cbc030c22ce8eb2df057f2dbcf38f39a830cc03c79152?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/thanos-receive-controller-rhel8@sha256:443395da4ffb74c7a7da0e8d564a57b494c46229be0a2c4b5a4087f153e63245_s390x", "product": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:443395da4ffb74c7a7da0e8d564a57b494c46229be0a2c4b5a4087f153e63245_s390x", "product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:443395da4ffb74c7a7da0e8d564a57b494c46229be0a2c4b5a4087f153e63245_s390x", "product_identification_helper": { "purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:443395da4ffb74c7a7da0e8d564a57b494c46229be0a2c4b5a4087f153e63245?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.6.4-5" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:805edfdb835ecd74495c3303651f536e5402e90b8fb1d3b8e205847fb93465e5_arm64", "product": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:805edfdb835ecd74495c3303651f536e5402e90b8fb1d3b8e205847fb93465e5_arm64", "product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:805edfdb835ecd74495c3303651f536e5402e90b8fb1d3b8e205847fb93465e5_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:805edfdb835ecd74495c3303651f536e5402e90b8fb1d3b8e205847fb93465e5?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/acm-grafana-rhel8@sha256:bc40aa848bbbebd35833e69b8011db918de5c3abf5954dd5d4166a01a486a74f_arm64", "product": { "name": "rhacm2/acm-grafana-rhel8@sha256:bc40aa848bbbebd35833e69b8011db918de5c3abf5954dd5d4166a01a486a74f_arm64", "product_id": "rhacm2/acm-grafana-rhel8@sha256:bc40aa848bbbebd35833e69b8011db918de5c3abf5954dd5d4166a01a486a74f_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-grafana-rhel8@sha256:bc40aa848bbbebd35833e69b8011db918de5c3abf5954dd5d4166a01a486a74f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/acm-must-gather-rhel8@sha256:10508327d7bc352c8e15a4876f5b2703c7be468d2cca14172f2dee077ee49bb8_arm64", "product": { "name": "rhacm2/acm-must-gather-rhel8@sha256:10508327d7bc352c8e15a4876f5b2703c7be468d2cca14172f2dee077ee49bb8_arm64", "product_id": "rhacm2/acm-must-gather-rhel8@sha256:10508327d7bc352c8e15a4876f5b2703c7be468d2cca14172f2dee077ee49bb8_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-must-gather-rhel8@sha256:10508327d7bc352c8e15a4876f5b2703c7be468d2cca14172f2dee077ee49bb8?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:3e5827095c132f2f8c0fb4a413c32c1b6bfd11a5f759c2eb18f22b1bf8f57a64_arm64", "product": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:3e5827095c132f2f8c0fb4a413c32c1b6bfd11a5f759c2eb18f22b1bf8f57a64_arm64", "product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:3e5827095c132f2f8c0fb4a413c32c1b6bfd11a5f759c2eb18f22b1bf8f57a64_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:3e5827095c132f2f8c0fb4a413c32c1b6bfd11a5f759c2eb18f22b1bf8f57a64?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-rhel8@sha256:faf61986493ad09657d5bd3aa31a93363b9c231a87ad8dc69d8dcb1b5ebeb500_arm64", "product": { "name": "rhacm2/acm-prometheus-rhel8@sha256:faf61986493ad09657d5bd3aa31a93363b9c231a87ad8dc69d8dcb1b5ebeb500_arm64", "product_id": "rhacm2/acm-prometheus-rhel8@sha256:faf61986493ad09657d5bd3aa31a93363b9c231a87ad8dc69d8dcb1b5ebeb500_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-rhel8@sha256:faf61986493ad09657d5bd3aa31a93363b9c231a87ad8dc69d8dcb1b5ebeb500?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:1b575eba8b7d2379cd04974fab889ccaf671875923e0904053a2896cf431e925_arm64", "product": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:1b575eba8b7d2379cd04974fab889ccaf671875923e0904053a2896cf431e925_arm64", "product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:1b575eba8b7d2379cd04974fab889ccaf671875923e0904053a2896cf431e925_arm64", "product_identification_helper": { "purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:1b575eba8b7d2379cd04974fab889ccaf671875923e0904053a2896cf431e925?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:eed520e609ffffce2fc428a4d1a8c18d824ff5b74582760ccc85dcdfbfe0c5a0_arm64", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:eed520e609ffffce2fc428a4d1a8c18d824ff5b74582760ccc85dcdfbfe0c5a0_arm64", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:eed520e609ffffce2fc428a4d1a8c18d824ff5b74582760ccc85dcdfbfe0c5a0_arm64", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:eed520e609ffffce2fc428a4d1a8c18d824ff5b74582760ccc85dcdfbfe0c5a0?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/cluster-backup-rhel8-operator@sha256:0bcd60d96620d8ca69bd8062234c8bf7b12c4ae584ac9b6278270915204a23f4_arm64", "product": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:0bcd60d96620d8ca69bd8062234c8bf7b12c4ae584ac9b6278270915204a23f4_arm64", "product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:0bcd60d96620d8ca69bd8062234c8bf7b12c4ae584ac9b6278270915204a23f4_arm64", "product_identification_helper": { "purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:0bcd60d96620d8ca69bd8062234c8bf7b12c4ae584ac9b6278270915204a23f4?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:61a33bef5ae4af5437a3c8c3e2ed1070e034a1795c40dc2f037362056c6efe30_arm64", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:61a33bef5ae4af5437a3c8c3e2ed1070e034a1795c40dc2f037362056c6efe30_arm64", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:61a33bef5ae4af5437a3c8c3e2ed1070e034a1795c40dc2f037362056c6efe30_arm64", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:61a33bef5ae4af5437a3c8c3e2ed1070e034a1795c40dc2f037362056c6efe30?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/console-rhel8@sha256:75b36663fe8d8cf2893f493506de374b2e5a92300e38c2de25286cbdadc28a5f_arm64", "product": { "name": "rhacm2/console-rhel8@sha256:75b36663fe8d8cf2893f493506de374b2e5a92300e38c2de25286cbdadc28a5f_arm64", "product_id": "rhacm2/console-rhel8@sha256:75b36663fe8d8cf2893f493506de374b2e5a92300e38c2de25286cbdadc28a5f_arm64", "product_identification_helper": { "purl": "pkg:oci/console-rhel8@sha256:75b36663fe8d8cf2893f493506de374b2e5a92300e38c2de25286cbdadc28a5f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.6.4-18" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:369ff114990cffe175afce158b43b5961036970a98fbbdf215b4bd79ca453208_arm64", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:369ff114990cffe175afce158b43b5961036970a98fbbdf215b4bd79ca453208_arm64", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:369ff114990cffe175afce158b43b5961036970a98fbbdf215b4bd79ca453208_arm64", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:369ff114990cffe175afce158b43b5961036970a98fbbdf215b4bd79ca453208?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-propagator-rhel8@sha256:f95041614179ec6b26333e673f7e7975853d16ee3657671ca23ab7127a4eb6a0_arm64", "product": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:f95041614179ec6b26333e673f7e7975853d16ee3657671ca23ab7127a4eb6a0_arm64", "product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:f95041614179ec6b26333e673f7e7975853d16ee3657671ca23ab7127a4eb6a0_arm64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:f95041614179ec6b26333e673f7e7975853d16ee3657671ca23ab7127a4eb6a0?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:bab9db88a656cc8727c9b571644cc674212d338e7f4a9bc85d7225c80474926e_arm64", "product": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:bab9db88a656cc8727c9b571644cc674212d338e7f4a9bc85d7225c80474926e_arm64", "product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:bab9db88a656cc8727c9b571644cc674212d338e7f4a9bc85d7225c80474926e_arm64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:bab9db88a656cc8727c9b571644cc674212d338e7f4a9bc85d7225c80474926e?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:85c62dda998b2a54a085bdf0c6ab1c3c82e600e1e02c1bb68924f526b6b9068d_arm64", "product": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:85c62dda998b2a54a085bdf0c6ab1c3c82e600e1e02c1bb68924f526b6b9068d_arm64", "product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:85c62dda998b2a54a085bdf0c6ab1c3c82e600e1e02c1bb68924f526b6b9068d_arm64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:85c62dda998b2a54a085bdf0c6ab1c3c82e600e1e02c1bb68924f526b6b9068d?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:ab113018e018c9832c611bec3a264b0d153f2a0eb0b627fe7dafb5b696ad27ed_arm64", "product": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:ab113018e018c9832c611bec3a264b0d153f2a0eb0b627fe7dafb5b696ad27ed_arm64", "product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:ab113018e018c9832c611bec3a264b0d153f2a0eb0b627fe7dafb5b696ad27ed_arm64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:ab113018e018c9832c611bec3a264b0d153f2a0eb0b627fe7dafb5b696ad27ed?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:12527f1a5d2344e97afa8b0617e1e88641b3c49887ecb443354a2c2bc43ece44_arm64", "product": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:12527f1a5d2344e97afa8b0617e1e88641b3c49887ecb443354a2c2bc43ece44_arm64", "product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:12527f1a5d2344e97afa8b0617e1e88641b3c49887ecb443354a2c2bc43ece44_arm64", "product_identification_helper": { "purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:12527f1a5d2344e97afa8b0617e1e88641b3c49887ecb443354a2c2bc43ece44?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:a0bd2dc5b2821c1ee0bf8f898a3a164514fc24bbe0bb4a12951eb85f0fd9d0b9_arm64", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:a0bd2dc5b2821c1ee0bf8f898a3a164514fc24bbe0bb4a12951eb85f0fd9d0b9_arm64", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:a0bd2dc5b2821c1ee0bf8f898a3a164514fc24bbe0bb4a12951eb85f0fd9d0b9_arm64", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:a0bd2dc5b2821c1ee0bf8f898a3a164514fc24bbe0bb4a12951eb85f0fd9d0b9?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/insights-client-rhel8@sha256:552124adf595742d3a825333527f832a0550c0ad2c1e696f4deb7f036398ed40_arm64", "product": { "name": "rhacm2/insights-client-rhel8@sha256:552124adf595742d3a825333527f832a0550c0ad2c1e696f4deb7f036398ed40_arm64", "product_id": "rhacm2/insights-client-rhel8@sha256:552124adf595742d3a825333527f832a0550c0ad2c1e696f4deb7f036398ed40_arm64", "product_identification_helper": { "purl": "pkg:oci/insights-client-rhel8@sha256:552124adf595742d3a825333527f832a0550c0ad2c1e696f4deb7f036398ed40?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/insights-metrics-rhel8@sha256:185312f710adba3946767f8a9780d2b34a3d7f3f9817b34474b99cd5208bf7b6_arm64", "product": { "name": "rhacm2/insights-metrics-rhel8@sha256:185312f710adba3946767f8a9780d2b34a3d7f3f9817b34474b99cd5208bf7b6_arm64", "product_id": "rhacm2/insights-metrics-rhel8@sha256:185312f710adba3946767f8a9780d2b34a3d7f3f9817b34474b99cd5208bf7b6_arm64", "product_identification_helper": { "purl": "pkg:oci/insights-metrics-rhel8@sha256:185312f710adba3946767f8a9780d2b34a3d7f3f9817b34474b99cd5208bf7b6?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:ca3e4476b47ec7ee11f0ff337199476e6003acc49a52628a31e658d2e2a57964_arm64", "product": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:ca3e4476b47ec7ee11f0ff337199476e6003acc49a52628a31e658d2e2a57964_arm64", "product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:ca3e4476b47ec7ee11f0ff337199476e6003acc49a52628a31e658d2e2a57964_arm64", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:ca3e4476b47ec7ee11f0ff337199476e6003acc49a52628a31e658d2e2a57964?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:a00401a78d20c87e74af58c3c863b96aac34a5a64d12e5b555ed9afdebee46de_arm64", "product": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:a00401a78d20c87e74af58c3c863b96aac34a5a64d12e5b555ed9afdebee46de_arm64", "product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:a00401a78d20c87e74af58c3c863b96aac34a5a64d12e5b555ed9afdebee46de_arm64", "product_identification_helper": { "purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:a00401a78d20c87e74af58c3c863b96aac34a5a64d12e5b555ed9afdebee46de?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/kube-state-metrics-rhel8@sha256:58d091cc31aaaf066a26e313fa6c412e1f871693c55d4baa11637a00ee37cd4b_arm64", "product": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:58d091cc31aaaf066a26e313fa6c412e1f871693c55d4baa11637a00ee37cd4b_arm64", "product_id": "rhacm2/kube-state-metrics-rhel8@sha256:58d091cc31aaaf066a26e313fa6c412e1f871693c55d4baa11637a00ee37cd4b_arm64", "product_identification_helper": { "purl": "pkg:oci/kube-state-metrics-rhel8@sha256:58d091cc31aaaf066a26e313fa6c412e1f871693c55d4baa11637a00ee37cd4b?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/management-ingress-rhel8@sha256:519209c863b2aac1fd7dc8ecb130f73ad122935e166066d1d6405396f00aa434_arm64", "product": { "name": "rhacm2/management-ingress-rhel8@sha256:519209c863b2aac1fd7dc8ecb130f73ad122935e166066d1d6405396f00aa434_arm64", "product_id": "rhacm2/management-ingress-rhel8@sha256:519209c863b2aac1fd7dc8ecb130f73ad122935e166066d1d6405396f00aa434_arm64", "product_identification_helper": { "purl": "pkg:oci/management-ingress-rhel8@sha256:519209c863b2aac1fd7dc8ecb130f73ad122935e166066d1d6405396f00aa434?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/memcached-rhel8@sha256:73d392672b8d9a1a2df91e47294f688d6747ff1ae5e9b8246b5cb58ca0c7f176_arm64", "product": { "name": "rhacm2/memcached-rhel8@sha256:73d392672b8d9a1a2df91e47294f688d6747ff1ae5e9b8246b5cb58ca0c7f176_arm64", "product_id": "rhacm2/memcached-rhel8@sha256:73d392672b8d9a1a2df91e47294f688d6747ff1ae5e9b8246b5cb58ca0c7f176_arm64", "product_identification_helper": { "purl": "pkg:oci/memcached-rhel8@sha256:73d392672b8d9a1a2df91e47294f688d6747ff1ae5e9b8246b5cb58ca0c7f176?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.6.4-4" } } }, { "category": "product_version", "name": "rhacm2/memcached-exporter-rhel8@sha256:4178399ac2e7fad92f077b0c33d653aabeddba0c2a52f168e691549ad1cc9726_arm64", "product": { "name": "rhacm2/memcached-exporter-rhel8@sha256:4178399ac2e7fad92f077b0c33d653aabeddba0c2a52f168e691549ad1cc9726_arm64", "product_id": "rhacm2/memcached-exporter-rhel8@sha256:4178399ac2e7fad92f077b0c33d653aabeddba0c2a52f168e691549ad1cc9726_arm64", "product_identification_helper": { "purl": "pkg:oci/memcached-exporter-rhel8@sha256:4178399ac2e7fad92f077b0c33d653aabeddba0c2a52f168e691549ad1cc9726?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:3873c526806dd32fe77619f276daf32444897abb706557cc63aaf6ab17e89e49_arm64", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:3873c526806dd32fe77619f276daf32444897abb706557cc63aaf6ab17e89e49_arm64", "product_id": "rhacm2/metrics-collector-rhel8@sha256:3873c526806dd32fe77619f276daf32444897abb706557cc63aaf6ab17e89e49_arm64", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:3873c526806dd32fe77619f276daf32444897abb706557cc63aaf6ab17e89e49?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/multicloud-integrations-rhel8@sha256:c80b686c8b6c445142f11eae2e67b9159bd86bd68f3b979276854909459ddec6_arm64", "product": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:c80b686c8b6c445142f11eae2e67b9159bd86bd68f3b979276854909459ddec6_arm64", "product_id": "rhacm2/multicloud-integrations-rhel8@sha256:c80b686c8b6c445142f11eae2e67b9159bd86bd68f3b979276854909459ddec6_arm64", "product_identification_helper": { "purl": "pkg:oci/multicloud-integrations-rhel8@sha256:c80b686c8b6c445142f11eae2e67b9159bd86bd68f3b979276854909459ddec6?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-rhel8@sha256:1113003b61001b92cd12e58b67e7f8e8ef48e7135d35cdc76cf50a27287844c3_arm64", "product": { "name": "rhacm2/multiclusterhub-rhel8@sha256:1113003b61001b92cd12e58b67e7f8e8ef48e7135d35cdc76cf50a27287844c3_arm64", "product_id": "rhacm2/multiclusterhub-rhel8@sha256:1113003b61001b92cd12e58b67e7f8e8ef48e7135d35cdc76cf50a27287844c3_arm64", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-rhel8@sha256:1113003b61001b92cd12e58b67e7f8e8ef48e7135d35cdc76cf50a27287844c3?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:a11c532fe076f1ad0b430cc2e2a66a31f046d49d03057ba0ee9e22dd73655e11_arm64", "product": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:a11c532fe076f1ad0b430cc2e2a66a31f046d49d03057ba0ee9e22dd73655e11_arm64", "product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:a11c532fe076f1ad0b430cc2e2a66a31f046d49d03057ba0ee9e22dd73655e11_arm64", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:a11c532fe076f1ad0b430cc2e2a66a31f046d49d03057ba0ee9e22dd73655e11?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:2e8cc1abec346c56921e6962b5117d40b2d5e60474297134ea112c2111b1255c_arm64", "product": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:2e8cc1abec346c56921e6962b5117d40b2d5e60474297134ea112c2111b1255c_arm64", "product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:2e8cc1abec346c56921e6962b5117d40b2d5e60474297134ea112c2111b1255c_arm64", "product_identification_helper": { "purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:2e8cc1abec346c56921e6962b5117d40b2d5e60474297134ea112c2111b1255c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-application-rhel8@sha256:3a2ff6f8f3df7f191fd9b4c3f11109b26d69498f40ab80107de46363abd2336f_arm64", "product": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:3a2ff6f8f3df7f191fd9b4c3f11109b26d69498f40ab80107de46363abd2336f_arm64", "product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:3a2ff6f8f3df7f191fd9b4c3f11109b26d69498f40ab80107de46363abd2336f_arm64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:3a2ff6f8f3df7f191fd9b4c3f11109b26d69498f40ab80107de46363abd2336f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:f9f36b945a7929f50993dc1196fa8f8027228fc113d3cdc3016ff8d9b28ce17f_arm64", "product": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:f9f36b945a7929f50993dc1196fa8f8027228fc113d3cdc3016ff8d9b28ce17f_arm64", "product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:f9f36b945a7929f50993dc1196fa8f8027228fc113d3cdc3016ff8d9b28ce17f_arm64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:f9f36b945a7929f50993dc1196fa8f8027228fc113d3cdc3016ff8d9b28ce17f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:b37c5a10ed9642eea4400436375483dbc526ce9e3f1207327df3ff4e9d260fd1_arm64", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:b37c5a10ed9642eea4400436375483dbc526ce9e3f1207327df3ff4e9d260fd1_arm64", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:b37c5a10ed9642eea4400436375483dbc526ce9e3f1207327df3ff4e9d260fd1_arm64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:b37c5a10ed9642eea4400436375483dbc526ce9e3f1207327df3ff4e9d260fd1?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/node-exporter-rhel8@sha256:c7e08cb097dbed71c5177b4cccd44a228c5ec85061b02940e582c58f4b84ff79_arm64", "product": { "name": "rhacm2/node-exporter-rhel8@sha256:c7e08cb097dbed71c5177b4cccd44a228c5ec85061b02940e582c58f4b84ff79_arm64", "product_id": "rhacm2/node-exporter-rhel8@sha256:c7e08cb097dbed71c5177b4cccd44a228c5ec85061b02940e582c58f4b84ff79_arm64", "product_identification_helper": { "purl": "pkg:oci/node-exporter-rhel8@sha256:c7e08cb097dbed71c5177b4cccd44a228c5ec85061b02940e582c58f4b84ff79?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8@sha256:d3b7f453143d6702fd4b917f21c5a9297d0f7de52a1ccf39e5c1569724142d8f_arm64", "product": { "name": "rhacm2/observatorium-rhel8@sha256:d3b7f453143d6702fd4b917f21c5a9297d0f7de52a1ccf39e5c1569724142d8f_arm64", "product_id": "rhacm2/observatorium-rhel8@sha256:d3b7f453143d6702fd4b917f21c5a9297d0f7de52a1ccf39e5c1569724142d8f_arm64", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8@sha256:d3b7f453143d6702fd4b917f21c5a9297d0f7de52a1ccf39e5c1569724142d8f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8-operator@sha256:a05ef9733ca94354872cb346241bb754e45f72bd33af80fa5d336dac6f041dd0_arm64", "product": { "name": "rhacm2/observatorium-rhel8-operator@sha256:a05ef9733ca94354872cb346241bb754e45f72bd33af80fa5d336dac6f041dd0_arm64", "product_id": "rhacm2/observatorium-rhel8-operator@sha256:a05ef9733ca94354872cb346241bb754e45f72bd33af80fa5d336dac6f041dd0_arm64", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8-operator@sha256:a05ef9733ca94354872cb346241bb754e45f72bd33af80fa5d336dac6f041dd0?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:dd2b23d192fa9271eb45655959e8d001e6d3d2c6d08315a475d538ad65f1df3a_arm64", "product": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:dd2b23d192fa9271eb45655959e8d001e6d3d2c6d08315a475d538ad65f1df3a_arm64", "product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:dd2b23d192fa9271eb45655959e8d001e6d3d2c6d08315a475d538ad65f1df3a_arm64", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:dd2b23d192fa9271eb45655959e8d001e6d3d2c6d08315a475d538ad65f1df3a?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/prometheus-rhel8@sha256:4780b0e407922afcff9fc07f5e6244c2b8b5c753bbb76fd0f447f272f18850f5_arm64", "product": { "name": "rhacm2/prometheus-rhel8@sha256:4780b0e407922afcff9fc07f5e6244c2b8b5c753bbb76fd0f447f272f18850f5_arm64", "product_id": "rhacm2/prometheus-rhel8@sha256:4780b0e407922afcff9fc07f5e6244c2b8b5c753bbb76fd0f447f272f18850f5_arm64", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:4780b0e407922afcff9fc07f5e6244c2b8b5c753bbb76fd0f447f272f18850f5?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.6.4-5" } } }, { "category": "product_version", "name": "rhacm2/rbac-query-proxy-rhel8@sha256:1b8c16923b7916824baf9b02d5b9654b36c57518051c42f909d8a3078d0dcb4f_arm64", "product": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:1b8c16923b7916824baf9b02d5b9654b36c57518051c42f909d8a3078d0dcb4f_arm64", "product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:1b8c16923b7916824baf9b02d5b9654b36c57518051c42f909d8a3078d0dcb4f_arm64", "product_identification_helper": { "purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:1b8c16923b7916824baf9b02d5b9654b36c57518051c42f909d8a3078d0dcb4f?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/redisgraph-tls-rhel8@sha256:e855417861657cedde18cfc2f66c45b63824c37b4de0f9fc3f25f4ed67dbc36a_arm64", "product": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:e855417861657cedde18cfc2f66c45b63824c37b4de0f9fc3f25f4ed67dbc36a_arm64", "product_id": "rhacm2/redisgraph-tls-rhel8@sha256:e855417861657cedde18cfc2f66c45b63824c37b4de0f9fc3f25f4ed67dbc36a_arm64", "product_identification_helper": { "purl": "pkg:oci/redisgraph-tls-rhel8@sha256:e855417861657cedde18cfc2f66c45b63824c37b4de0f9fc3f25f4ed67dbc36a?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.6.4-5" } } }, { "category": "product_version", "name": "rhacm2/search-aggregator-rhel8@sha256:bf33628423223c08e8814e98e2e91dbc8ed1744b834df66d8d296873be92215c_arm64", "product": { "name": "rhacm2/search-aggregator-rhel8@sha256:bf33628423223c08e8814e98e2e91dbc8ed1744b834df66d8d296873be92215c_arm64", "product_id": "rhacm2/search-aggregator-rhel8@sha256:bf33628423223c08e8814e98e2e91dbc8ed1744b834df66d8d296873be92215c_arm64", "product_identification_helper": { "purl": "pkg:oci/search-aggregator-rhel8@sha256:bf33628423223c08e8814e98e2e91dbc8ed1744b834df66d8d296873be92215c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/search-api-rhel8@sha256:f7846422fdec5bf9401a3fb87698477eaa059229570396fcd585cc46253b2079_arm64", "product": { "name": "rhacm2/search-api-rhel8@sha256:f7846422fdec5bf9401a3fb87698477eaa059229570396fcd585cc46253b2079_arm64", "product_id": "rhacm2/search-api-rhel8@sha256:f7846422fdec5bf9401a3fb87698477eaa059229570396fcd585cc46253b2079_arm64", "product_identification_helper": { "purl": "pkg:oci/search-api-rhel8@sha256:f7846422fdec5bf9401a3fb87698477eaa059229570396fcd585cc46253b2079?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.6.4-9" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:63f6abf2d72b042858ad4980b027ae6f17ad6435b43e3f6c8546c74ffaf3a6f8_arm64", "product": { "name": "rhacm2/search-collector-rhel8@sha256:63f6abf2d72b042858ad4980b027ae6f17ad6435b43e3f6c8546c74ffaf3a6f8_arm64", "product_id": "rhacm2/search-collector-rhel8@sha256:63f6abf2d72b042858ad4980b027ae6f17ad6435b43e3f6c8546c74ffaf3a6f8_arm64", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:63f6abf2d72b042858ad4980b027ae6f17ad6435b43e3f6c8546c74ffaf3a6f8?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.6.4-5" } } }, { "category": "product_version", "name": "rhacm2/search-rhel8@sha256:128557c1c210c5fbd1d4a4fadac47332543701fed122ba74d4d2dfd2a073af9e_arm64", "product": { "name": "rhacm2/search-rhel8@sha256:128557c1c210c5fbd1d4a4fadac47332543701fed122ba74d4d2dfd2a073af9e_arm64", "product_id": "rhacm2/search-rhel8@sha256:128557c1c210c5fbd1d4a4fadac47332543701fed122ba74d4d2dfd2a073af9e_arm64", "product_identification_helper": { "purl": "pkg:oci/search-rhel8@sha256:128557c1c210c5fbd1d4a4fadac47332543701fed122ba74d4d2dfd2a073af9e?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/submariner-addon-rhel8@sha256:48409b1f123491da843395bd3dcaa53798134243ec3c36f9236936e9f24f4b45_arm64", "product": { "name": "rhacm2/submariner-addon-rhel8@sha256:48409b1f123491da843395bd3dcaa53798134243ec3c36f9236936e9f24f4b45_arm64", "product_id": "rhacm2/submariner-addon-rhel8@sha256:48409b1f123491da843395bd3dcaa53798134243ec3c36f9236936e9f24f4b45_arm64", "product_identification_helper": { "purl": "pkg:oci/submariner-addon-rhel8@sha256:48409b1f123491da843395bd3dcaa53798134243ec3c36f9236936e9f24f4b45?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.6.4-11" } } }, { "category": "product_version", "name": "rhacm2/thanos-rhel8@sha256:f617a890dd4d7b2fdce173f70f0901236f488197ebde036935aab26c3f8b23ff_arm64", "product": { "name": "rhacm2/thanos-rhel8@sha256:f617a890dd4d7b2fdce173f70f0901236f488197ebde036935aab26c3f8b23ff_arm64", "product_id": "rhacm2/thanos-rhel8@sha256:f617a890dd4d7b2fdce173f70f0901236f488197ebde036935aab26c3f8b23ff_arm64", "product_identification_helper": { "purl": "pkg:oci/thanos-rhel8@sha256:f617a890dd4d7b2fdce173f70f0901236f488197ebde036935aab26c3f8b23ff?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/thanos-receive-controller-rhel8@sha256:0d003ef4b01caf461125e4bdb33400e8bef1544caa6489f5ded4d52481401939_arm64", "product": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:0d003ef4b01caf461125e4bdb33400e8bef1544caa6489f5ded4d52481401939_arm64", "product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:0d003ef4b01caf461125e4bdb33400e8bef1544caa6489f5ded4d52481401939_arm64", "product_identification_helper": { "purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:0d003ef4b01caf461125e4bdb33400e8bef1544caa6489f5ded4d52481401939?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.6.4-5" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:0e83b7308b7f8efd0dd4c482d301231ea81744a9c243efddb57714f687625bb7_ppc64le", "product": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:0e83b7308b7f8efd0dd4c482d301231ea81744a9c243efddb57714f687625bb7_ppc64le", "product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:0e83b7308b7f8efd0dd4c482d301231ea81744a9c243efddb57714f687625bb7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:0e83b7308b7f8efd0dd4c482d301231ea81744a9c243efddb57714f687625bb7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/acm-grafana-rhel8@sha256:f082c0cdabf220570bc3bdf145c66fefe39d31cbb988da962a3262d0264777e6_ppc64le", "product": { "name": "rhacm2/acm-grafana-rhel8@sha256:f082c0cdabf220570bc3bdf145c66fefe39d31cbb988da962a3262d0264777e6_ppc64le", "product_id": "rhacm2/acm-grafana-rhel8@sha256:f082c0cdabf220570bc3bdf145c66fefe39d31cbb988da962a3262d0264777e6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-grafana-rhel8@sha256:f082c0cdabf220570bc3bdf145c66fefe39d31cbb988da962a3262d0264777e6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/acm-must-gather-rhel8@sha256:4ede1e02b3574cc788867b443a745dcc75d35abad1b53f24159c5bd29c200821_ppc64le", "product": { "name": "rhacm2/acm-must-gather-rhel8@sha256:4ede1e02b3574cc788867b443a745dcc75d35abad1b53f24159c5bd29c200821_ppc64le", "product_id": "rhacm2/acm-must-gather-rhel8@sha256:4ede1e02b3574cc788867b443a745dcc75d35abad1b53f24159c5bd29c200821_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-must-gather-rhel8@sha256:4ede1e02b3574cc788867b443a745dcc75d35abad1b53f24159c5bd29c200821?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/acm-operator-bundle@sha256:fe1d26d24fd371f2d104d34ac91d604d250361ac35cadfb0841998f5afb44788_ppc64le", "product": { "name": "rhacm2/acm-operator-bundle@sha256:fe1d26d24fd371f2d104d34ac91d604d250361ac35cadfb0841998f5afb44788_ppc64le", "product_id": "rhacm2/acm-operator-bundle@sha256:fe1d26d24fd371f2d104d34ac91d604d250361ac35cadfb0841998f5afb44788_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-operator-bundle@sha256:fe1d26d24fd371f2d104d34ac91d604d250361ac35cadfb0841998f5afb44788?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.6.4-31" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:cc25f7b4a426d4ad2bbd5769b4f22581ea50170fc743a8237f7fd07b7a2957a9_ppc64le", "product": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:cc25f7b4a426d4ad2bbd5769b4f22581ea50170fc743a8237f7fd07b7a2957a9_ppc64le", "product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:cc25f7b4a426d4ad2bbd5769b4f22581ea50170fc743a8237f7fd07b7a2957a9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:cc25f7b4a426d4ad2bbd5769b4f22581ea50170fc743a8237f7fd07b7a2957a9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-rhel8@sha256:0110e8b7af143ead3c278a00375ba016bc46160dbfac15a151a9d929ffbb781c_ppc64le", "product": { "name": "rhacm2/acm-prometheus-rhel8@sha256:0110e8b7af143ead3c278a00375ba016bc46160dbfac15a151a9d929ffbb781c_ppc64le", "product_id": "rhacm2/acm-prometheus-rhel8@sha256:0110e8b7af143ead3c278a00375ba016bc46160dbfac15a151a9d929ffbb781c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-rhel8@sha256:0110e8b7af143ead3c278a00375ba016bc46160dbfac15a151a9d929ffbb781c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:6292d00742228851ab7832e2852827df767492a2401d65dd420c8b0aeee24e97_ppc64le", "product": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:6292d00742228851ab7832e2852827df767492a2401d65dd420c8b0aeee24e97_ppc64le", "product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:6292d00742228851ab7832e2852827df767492a2401d65dd420c8b0aeee24e97_ppc64le", "product_identification_helper": { "purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:6292d00742228851ab7832e2852827df767492a2401d65dd420c8b0aeee24e97?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:2e83f766397a03678513afb6cf6a797e5266c4acd65117413e1f0e780b2ed54b_ppc64le", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:2e83f766397a03678513afb6cf6a797e5266c4acd65117413e1f0e780b2ed54b_ppc64le", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:2e83f766397a03678513afb6cf6a797e5266c4acd65117413e1f0e780b2ed54b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:2e83f766397a03678513afb6cf6a797e5266c4acd65117413e1f0e780b2ed54b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/cluster-backup-rhel8-operator@sha256:48efa4484d7892fcc0c282a06ab4e1183d9c6372f42fd309ca14e224ea33e9e7_ppc64le", "product": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:48efa4484d7892fcc0c282a06ab4e1183d9c6372f42fd309ca14e224ea33e9e7_ppc64le", "product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:48efa4484d7892fcc0c282a06ab4e1183d9c6372f42fd309ca14e224ea33e9e7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:48efa4484d7892fcc0c282a06ab4e1183d9c6372f42fd309ca14e224ea33e9e7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:49a48119aeb0fb449f65a50017f26abac02a4885b614d0c9e3eb8ab73ba7eb37_ppc64le", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:49a48119aeb0fb449f65a50017f26abac02a4885b614d0c9e3eb8ab73ba7eb37_ppc64le", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:49a48119aeb0fb449f65a50017f26abac02a4885b614d0c9e3eb8ab73ba7eb37_ppc64le", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:49a48119aeb0fb449f65a50017f26abac02a4885b614d0c9e3eb8ab73ba7eb37?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/console-rhel8@sha256:9f39582360916bb4b1992246996e3aa74acc45df687532ac633c6ba2355bf312_ppc64le", "product": { "name": "rhacm2/console-rhel8@sha256:9f39582360916bb4b1992246996e3aa74acc45df687532ac633c6ba2355bf312_ppc64le", "product_id": "rhacm2/console-rhel8@sha256:9f39582360916bb4b1992246996e3aa74acc45df687532ac633c6ba2355bf312_ppc64le", "product_identification_helper": { "purl": "pkg:oci/console-rhel8@sha256:9f39582360916bb4b1992246996e3aa74acc45df687532ac633c6ba2355bf312?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.6.4-18" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:b34190c8bcba479316ca98b8970927b6ce186c976c158c8f366e8bd7d4b001ad_ppc64le", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:b34190c8bcba479316ca98b8970927b6ce186c976c158c8f366e8bd7d4b001ad_ppc64le", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:b34190c8bcba479316ca98b8970927b6ce186c976c158c8f366e8bd7d4b001ad_ppc64le", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:b34190c8bcba479316ca98b8970927b6ce186c976c158c8f366e8bd7d4b001ad?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-propagator-rhel8@sha256:c35e75613bd4ca07ed9e3191daaca9597b6565908cdf7d08983ba2b6b48396e3_ppc64le", "product": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:c35e75613bd4ca07ed9e3191daaca9597b6565908cdf7d08983ba2b6b48396e3_ppc64le", "product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:c35e75613bd4ca07ed9e3191daaca9597b6565908cdf7d08983ba2b6b48396e3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:c35e75613bd4ca07ed9e3191daaca9597b6565908cdf7d08983ba2b6b48396e3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:c08b6982d29a81ae3a773df997d072dfd9ce75730550d36b3e0b3824b5bd7ea9_ppc64le", "product": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:c08b6982d29a81ae3a773df997d072dfd9ce75730550d36b3e0b3824b5bd7ea9_ppc64le", "product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:c08b6982d29a81ae3a773df997d072dfd9ce75730550d36b3e0b3824b5bd7ea9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:c08b6982d29a81ae3a773df997d072dfd9ce75730550d36b3e0b3824b5bd7ea9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:93565ddd2b6e23cf9617182568d0857615c47e38876dffbe2487f94bcec24028_ppc64le", "product": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:93565ddd2b6e23cf9617182568d0857615c47e38876dffbe2487f94bcec24028_ppc64le", "product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:93565ddd2b6e23cf9617182568d0857615c47e38876dffbe2487f94bcec24028_ppc64le", "product_identification_helper": { "purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:93565ddd2b6e23cf9617182568d0857615c47e38876dffbe2487f94bcec24028?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:7f3571c3b232b867dbcc84cebc2da8f12d1c9a56ddaabd21eac5cc7baab1e3b5_ppc64le", "product": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:7f3571c3b232b867dbcc84cebc2da8f12d1c9a56ddaabd21eac5cc7baab1e3b5_ppc64le", "product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:7f3571c3b232b867dbcc84cebc2da8f12d1c9a56ddaabd21eac5cc7baab1e3b5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:7f3571c3b232b867dbcc84cebc2da8f12d1c9a56ddaabd21eac5cc7baab1e3b5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:5a7e21a5e3541b9c0a0bb054af74ec83932cf89cabd577c3a8362e50ac4fc5e8_ppc64le", "product": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:5a7e21a5e3541b9c0a0bb054af74ec83932cf89cabd577c3a8362e50ac4fc5e8_ppc64le", "product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:5a7e21a5e3541b9c0a0bb054af74ec83932cf89cabd577c3a8362e50ac4fc5e8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:5a7e21a5e3541b9c0a0bb054af74ec83932cf89cabd577c3a8362e50ac4fc5e8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:06fb15f2fa6bed947eb7ca0f0e8d0cf70f06e66b27aaa693c870588d27d1c177_ppc64le", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:06fb15f2fa6bed947eb7ca0f0e8d0cf70f06e66b27aaa693c870588d27d1c177_ppc64le", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:06fb15f2fa6bed947eb7ca0f0e8d0cf70f06e66b27aaa693c870588d27d1c177_ppc64le", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:06fb15f2fa6bed947eb7ca0f0e8d0cf70f06e66b27aaa693c870588d27d1c177?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/insights-client-rhel8@sha256:321a39f4bb988e5e9c939408d6b8bbb1e028fe77fe8677ef2c0772b518721844_ppc64le", "product": { "name": "rhacm2/insights-client-rhel8@sha256:321a39f4bb988e5e9c939408d6b8bbb1e028fe77fe8677ef2c0772b518721844_ppc64le", "product_id": "rhacm2/insights-client-rhel8@sha256:321a39f4bb988e5e9c939408d6b8bbb1e028fe77fe8677ef2c0772b518721844_ppc64le", "product_identification_helper": { "purl": "pkg:oci/insights-client-rhel8@sha256:321a39f4bb988e5e9c939408d6b8bbb1e028fe77fe8677ef2c0772b518721844?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/insights-metrics-rhel8@sha256:6ee6966426237d620c6a6c6689c3a9f92402c1dee4705cb211b96fcf3c313206_ppc64le", "product": { "name": "rhacm2/insights-metrics-rhel8@sha256:6ee6966426237d620c6a6c6689c3a9f92402c1dee4705cb211b96fcf3c313206_ppc64le", "product_id": "rhacm2/insights-metrics-rhel8@sha256:6ee6966426237d620c6a6c6689c3a9f92402c1dee4705cb211b96fcf3c313206_ppc64le", "product_identification_helper": { "purl": "pkg:oci/insights-metrics-rhel8@sha256:6ee6966426237d620c6a6c6689c3a9f92402c1dee4705cb211b96fcf3c313206?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:504ca7e02b98a87d8ba9133af0edb696f4e678544c0525db88e07493bf453b77_ppc64le", "product": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:504ca7e02b98a87d8ba9133af0edb696f4e678544c0525db88e07493bf453b77_ppc64le", "product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:504ca7e02b98a87d8ba9133af0edb696f4e678544c0525db88e07493bf453b77_ppc64le", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:504ca7e02b98a87d8ba9133af0edb696f4e678544c0525db88e07493bf453b77?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:84512ecf696a455eda78faee46c67d133233cfc83c6cb9c94bac6e48f3a9f18a_ppc64le", "product": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:84512ecf696a455eda78faee46c67d133233cfc83c6cb9c94bac6e48f3a9f18a_ppc64le", "product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:84512ecf696a455eda78faee46c67d133233cfc83c6cb9c94bac6e48f3a9f18a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:84512ecf696a455eda78faee46c67d133233cfc83c6cb9c94bac6e48f3a9f18a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/kube-state-metrics-rhel8@sha256:791c3a0554c9da69b7019389c5fa76db9c1520e90a0d8b308337480817f3497f_ppc64le", "product": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:791c3a0554c9da69b7019389c5fa76db9c1520e90a0d8b308337480817f3497f_ppc64le", "product_id": "rhacm2/kube-state-metrics-rhel8@sha256:791c3a0554c9da69b7019389c5fa76db9c1520e90a0d8b308337480817f3497f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kube-state-metrics-rhel8@sha256:791c3a0554c9da69b7019389c5fa76db9c1520e90a0d8b308337480817f3497f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/management-ingress-rhel8@sha256:bd540cc538e2665a17665b07f5053b5b4402319af6959c384b279d152348d26e_ppc64le", "product": { "name": "rhacm2/management-ingress-rhel8@sha256:bd540cc538e2665a17665b07f5053b5b4402319af6959c384b279d152348d26e_ppc64le", "product_id": "rhacm2/management-ingress-rhel8@sha256:bd540cc538e2665a17665b07f5053b5b4402319af6959c384b279d152348d26e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/management-ingress-rhel8@sha256:bd540cc538e2665a17665b07f5053b5b4402319af6959c384b279d152348d26e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/memcached-rhel8@sha256:55869d62acabc78675fb3f926d45f6630f03ff380af76665eb36f3bd1ea17092_ppc64le", "product": { "name": "rhacm2/memcached-rhel8@sha256:55869d62acabc78675fb3f926d45f6630f03ff380af76665eb36f3bd1ea17092_ppc64le", "product_id": "rhacm2/memcached-rhel8@sha256:55869d62acabc78675fb3f926d45f6630f03ff380af76665eb36f3bd1ea17092_ppc64le", "product_identification_helper": { "purl": "pkg:oci/memcached-rhel8@sha256:55869d62acabc78675fb3f926d45f6630f03ff380af76665eb36f3bd1ea17092?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.6.4-4" } } }, { "category": "product_version", "name": "rhacm2/memcached-exporter-rhel8@sha256:4812b505722334bcb9fda21fcbaa22154d77d045528ed014e6c98b205037aa27_ppc64le", "product": { "name": "rhacm2/memcached-exporter-rhel8@sha256:4812b505722334bcb9fda21fcbaa22154d77d045528ed014e6c98b205037aa27_ppc64le", "product_id": "rhacm2/memcached-exporter-rhel8@sha256:4812b505722334bcb9fda21fcbaa22154d77d045528ed014e6c98b205037aa27_ppc64le", "product_identification_helper": { "purl": "pkg:oci/memcached-exporter-rhel8@sha256:4812b505722334bcb9fda21fcbaa22154d77d045528ed014e6c98b205037aa27?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:dff76ab0cc28c3c4e7e588a421514e0c9041c50eb17071fdd9b1939015ed2ff0_ppc64le", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:dff76ab0cc28c3c4e7e588a421514e0c9041c50eb17071fdd9b1939015ed2ff0_ppc64le", "product_id": "rhacm2/metrics-collector-rhel8@sha256:dff76ab0cc28c3c4e7e588a421514e0c9041c50eb17071fdd9b1939015ed2ff0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:dff76ab0cc28c3c4e7e588a421514e0c9041c50eb17071fdd9b1939015ed2ff0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/multicloud-integrations-rhel8@sha256:2cac0b4e4c1093a726dde6fdc59cb2023dde20a7ca62f6ab7644953f4b02daa4_ppc64le", "product": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:2cac0b4e4c1093a726dde6fdc59cb2023dde20a7ca62f6ab7644953f4b02daa4_ppc64le", "product_id": "rhacm2/multicloud-integrations-rhel8@sha256:2cac0b4e4c1093a726dde6fdc59cb2023dde20a7ca62f6ab7644953f4b02daa4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicloud-integrations-rhel8@sha256:2cac0b4e4c1093a726dde6fdc59cb2023dde20a7ca62f6ab7644953f4b02daa4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-rhel8@sha256:5f973fe1f74245e35a674c00e60f32d23dcc0871f1546f04cc754c5393b0ec53_ppc64le", "product": { "name": "rhacm2/multiclusterhub-rhel8@sha256:5f973fe1f74245e35a674c00e60f32d23dcc0871f1546f04cc754c5393b0ec53_ppc64le", "product_id": "rhacm2/multiclusterhub-rhel8@sha256:5f973fe1f74245e35a674c00e60f32d23dcc0871f1546f04cc754c5393b0ec53_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-rhel8@sha256:5f973fe1f74245e35a674c00e60f32d23dcc0871f1546f04cc754c5393b0ec53?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:d25bc23a7446ebc266cc759cd23cefe2909e6f7f26b346af29d5eeee59588eea_ppc64le", "product": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:d25bc23a7446ebc266cc759cd23cefe2909e6f7f26b346af29d5eeee59588eea_ppc64le", "product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:d25bc23a7446ebc266cc759cd23cefe2909e6f7f26b346af29d5eeee59588eea_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:d25bc23a7446ebc266cc759cd23cefe2909e6f7f26b346af29d5eeee59588eea?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:24ee2dbc8f1a72b95ef5f2d2ff8ee64fdbb99c34691eee2280536b5b19f2de91_ppc64le", "product": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:24ee2dbc8f1a72b95ef5f2d2ff8ee64fdbb99c34691eee2280536b5b19f2de91_ppc64le", "product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:24ee2dbc8f1a72b95ef5f2d2ff8ee64fdbb99c34691eee2280536b5b19f2de91_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:24ee2dbc8f1a72b95ef5f2d2ff8ee64fdbb99c34691eee2280536b5b19f2de91?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-application-rhel8@sha256:c113b3f518ed735c27ec6ff124b1737fd15bb34cb387cfca2ba3215bf09f5d7f_ppc64le", "product": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:c113b3f518ed735c27ec6ff124b1737fd15bb34cb387cfca2ba3215bf09f5d7f_ppc64le", "product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:c113b3f518ed735c27ec6ff124b1737fd15bb34cb387cfca2ba3215bf09f5d7f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:c113b3f518ed735c27ec6ff124b1737fd15bb34cb387cfca2ba3215bf09f5d7f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:b511716b38f4b9e4b29ff8a6878823dabc908de452707623c186f16688603fe4_ppc64le", "product": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:b511716b38f4b9e4b29ff8a6878823dabc908de452707623c186f16688603fe4_ppc64le", "product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:b511716b38f4b9e4b29ff8a6878823dabc908de452707623c186f16688603fe4_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:b511716b38f4b9e4b29ff8a6878823dabc908de452707623c186f16688603fe4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1142ea372b1546c788283767025a0e93caf4879081db2fee0e3d477a42d53b71_ppc64le", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1142ea372b1546c788283767025a0e93caf4879081db2fee0e3d477a42d53b71_ppc64le", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1142ea372b1546c788283767025a0e93caf4879081db2fee0e3d477a42d53b71_ppc64le", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:1142ea372b1546c788283767025a0e93caf4879081db2fee0e3d477a42d53b71?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/node-exporter-rhel8@sha256:1652bcd9320bf9e383e5e991f7abe47a3085cbfb6e15bbcc19685c6975c2a4cb_ppc64le", "product": { "name": "rhacm2/node-exporter-rhel8@sha256:1652bcd9320bf9e383e5e991f7abe47a3085cbfb6e15bbcc19685c6975c2a4cb_ppc64le", "product_id": "rhacm2/node-exporter-rhel8@sha256:1652bcd9320bf9e383e5e991f7abe47a3085cbfb6e15bbcc19685c6975c2a4cb_ppc64le", "product_identification_helper": { "purl": "pkg:oci/node-exporter-rhel8@sha256:1652bcd9320bf9e383e5e991f7abe47a3085cbfb6e15bbcc19685c6975c2a4cb?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8@sha256:2371688381650d6dd6a6800a2740df1d28f70c1eea8046ae2948f321c3e0e5e8_ppc64le", "product": { "name": "rhacm2/observatorium-rhel8@sha256:2371688381650d6dd6a6800a2740df1d28f70c1eea8046ae2948f321c3e0e5e8_ppc64le", "product_id": "rhacm2/observatorium-rhel8@sha256:2371688381650d6dd6a6800a2740df1d28f70c1eea8046ae2948f321c3e0e5e8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8@sha256:2371688381650d6dd6a6800a2740df1d28f70c1eea8046ae2948f321c3e0e5e8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8-operator@sha256:40f0c0d4707cb3f6acbab593f917267af1cd7de322b382a2ddf442149c3e613c_ppc64le", "product": { "name": "rhacm2/observatorium-rhel8-operator@sha256:40f0c0d4707cb3f6acbab593f917267af1cd7de322b382a2ddf442149c3e613c_ppc64le", "product_id": "rhacm2/observatorium-rhel8-operator@sha256:40f0c0d4707cb3f6acbab593f917267af1cd7de322b382a2ddf442149c3e613c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8-operator@sha256:40f0c0d4707cb3f6acbab593f917267af1cd7de322b382a2ddf442149c3e613c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:35d1eac6227a8a164d84926bc7229f33b6717dee1e94585216ab2b04d5d527a1_ppc64le", "product": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:35d1eac6227a8a164d84926bc7229f33b6717dee1e94585216ab2b04d5d527a1_ppc64le", "product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:35d1eac6227a8a164d84926bc7229f33b6717dee1e94585216ab2b04d5d527a1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:35d1eac6227a8a164d84926bc7229f33b6717dee1e94585216ab2b04d5d527a1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/prometheus-rhel8@sha256:0e323da0373223f3d74b6f605b407a6b186ff2d2da4cf6f5110cdf915ebf921c_ppc64le", "product": { "name": "rhacm2/prometheus-rhel8@sha256:0e323da0373223f3d74b6f605b407a6b186ff2d2da4cf6f5110cdf915ebf921c_ppc64le", "product_id": "rhacm2/prometheus-rhel8@sha256:0e323da0373223f3d74b6f605b407a6b186ff2d2da4cf6f5110cdf915ebf921c_ppc64le", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:0e323da0373223f3d74b6f605b407a6b186ff2d2da4cf6f5110cdf915ebf921c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.6.4-5" } } }, { "category": "product_version", "name": "rhacm2/rbac-query-proxy-rhel8@sha256:037f32bcb75c53c2ca3df761d42c8ac2c409c21cd52fb0f82b16a558cb465860_ppc64le", "product": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:037f32bcb75c53c2ca3df761d42c8ac2c409c21cd52fb0f82b16a558cb465860_ppc64le", "product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:037f32bcb75c53c2ca3df761d42c8ac2c409c21cd52fb0f82b16a558cb465860_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:037f32bcb75c53c2ca3df761d42c8ac2c409c21cd52fb0f82b16a558cb465860?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/redisgraph-tls-rhel8@sha256:ca4cd77e3facd5539bd81fd48fe9336221e80ba291c0f833ffd83f0eaf11e07a_ppc64le", "product": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:ca4cd77e3facd5539bd81fd48fe9336221e80ba291c0f833ffd83f0eaf11e07a_ppc64le", "product_id": "rhacm2/redisgraph-tls-rhel8@sha256:ca4cd77e3facd5539bd81fd48fe9336221e80ba291c0f833ffd83f0eaf11e07a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/redisgraph-tls-rhel8@sha256:ca4cd77e3facd5539bd81fd48fe9336221e80ba291c0f833ffd83f0eaf11e07a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.6.4-5" } } }, { "category": "product_version", "name": "rhacm2/search-aggregator-rhel8@sha256:a9f793576637ced1ebe38ca9ac21755f042db908728146ef329fccf93811ce45_ppc64le", "product": { "name": "rhacm2/search-aggregator-rhel8@sha256:a9f793576637ced1ebe38ca9ac21755f042db908728146ef329fccf93811ce45_ppc64le", "product_id": "rhacm2/search-aggregator-rhel8@sha256:a9f793576637ced1ebe38ca9ac21755f042db908728146ef329fccf93811ce45_ppc64le", "product_identification_helper": { "purl": "pkg:oci/search-aggregator-rhel8@sha256:a9f793576637ced1ebe38ca9ac21755f042db908728146ef329fccf93811ce45?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/search-api-rhel8@sha256:2d28b16b252edf0bd1e1ec3f820d155d1aff4a7a716f5443125fba72e6a63ac1_ppc64le", "product": { "name": "rhacm2/search-api-rhel8@sha256:2d28b16b252edf0bd1e1ec3f820d155d1aff4a7a716f5443125fba72e6a63ac1_ppc64le", "product_id": "rhacm2/search-api-rhel8@sha256:2d28b16b252edf0bd1e1ec3f820d155d1aff4a7a716f5443125fba72e6a63ac1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/search-api-rhel8@sha256:2d28b16b252edf0bd1e1ec3f820d155d1aff4a7a716f5443125fba72e6a63ac1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.6.4-9" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:5a08a50c990ed4417d8f9f9841ee1de19634af2172a1f98b8fde1bb92fccefb0_ppc64le", "product": { "name": "rhacm2/search-collector-rhel8@sha256:5a08a50c990ed4417d8f9f9841ee1de19634af2172a1f98b8fde1bb92fccefb0_ppc64le", "product_id": "rhacm2/search-collector-rhel8@sha256:5a08a50c990ed4417d8f9f9841ee1de19634af2172a1f98b8fde1bb92fccefb0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:5a08a50c990ed4417d8f9f9841ee1de19634af2172a1f98b8fde1bb92fccefb0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.6.4-5" } } }, { "category": "product_version", "name": "rhacm2/search-rhel8@sha256:cec39662240316282583d53b06957dd53eae71fe9ee9176619a9501d5fe52e18_ppc64le", "product": { "name": "rhacm2/search-rhel8@sha256:cec39662240316282583d53b06957dd53eae71fe9ee9176619a9501d5fe52e18_ppc64le", "product_id": "rhacm2/search-rhel8@sha256:cec39662240316282583d53b06957dd53eae71fe9ee9176619a9501d5fe52e18_ppc64le", "product_identification_helper": { "purl": "pkg:oci/search-rhel8@sha256:cec39662240316282583d53b06957dd53eae71fe9ee9176619a9501d5fe52e18?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/submariner-addon-rhel8@sha256:81c01dc11be9f1392d08fc73d851a7ec9eacf231996abf16c8a72d8e236cabd9_ppc64le", "product": { "name": "rhacm2/submariner-addon-rhel8@sha256:81c01dc11be9f1392d08fc73d851a7ec9eacf231996abf16c8a72d8e236cabd9_ppc64le", "product_id": "rhacm2/submariner-addon-rhel8@sha256:81c01dc11be9f1392d08fc73d851a7ec9eacf231996abf16c8a72d8e236cabd9_ppc64le", "product_identification_helper": { "purl": "pkg:oci/submariner-addon-rhel8@sha256:81c01dc11be9f1392d08fc73d851a7ec9eacf231996abf16c8a72d8e236cabd9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.6.4-11" } } }, { "category": "product_version", "name": "rhacm2/thanos-rhel8@sha256:80041d399a8f8235338af770656f5d8ddf131f8434f4869ebd95e0d3d9e50594_ppc64le", "product": { "name": "rhacm2/thanos-rhel8@sha256:80041d399a8f8235338af770656f5d8ddf131f8434f4869ebd95e0d3d9e50594_ppc64le", "product_id": "rhacm2/thanos-rhel8@sha256:80041d399a8f8235338af770656f5d8ddf131f8434f4869ebd95e0d3d9e50594_ppc64le", "product_identification_helper": { "purl": "pkg:oci/thanos-rhel8@sha256:80041d399a8f8235338af770656f5d8ddf131f8434f4869ebd95e0d3d9e50594?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/thanos-receive-controller-rhel8@sha256:784ca9b2ee4f24802a3287a20dae0b8837b39ac253fcec1f8e0327ca2c2b8e43_ppc64le", "product": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:784ca9b2ee4f24802a3287a20dae0b8837b39ac253fcec1f8e0327ca2c2b8e43_ppc64le", "product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:784ca9b2ee4f24802a3287a20dae0b8837b39ac253fcec1f8e0327ca2c2b8e43_ppc64le", "product_identification_helper": { "purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:784ca9b2ee4f24802a3287a20dae0b8837b39ac253fcec1f8e0327ca2c2b8e43?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.6.4-5" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:61130d76a9adf8c0aa14c46e56f5e7b1b588a186903e0559ed2139a6e6f70c86_amd64", "product": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:61130d76a9adf8c0aa14c46e56f5e7b1b588a186903e0559ed2139a6e6f70c86_amd64", "product_id": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:61130d76a9adf8c0aa14c46e56f5e7b1b588a186903e0559ed2139a6e6f70c86_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-governance-policy-addon-controller-rhel8@sha256:61130d76a9adf8c0aa14c46e56f5e7b1b588a186903e0559ed2139a6e6f70c86?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-governance-policy-addon-controller-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/acm-grafana-rhel8@sha256:bfe9b7bcf0625e885e052caf23a310702173a669620b32f071f83dea7b13991d_amd64", "product": { "name": "rhacm2/acm-grafana-rhel8@sha256:bfe9b7bcf0625e885e052caf23a310702173a669620b32f071f83dea7b13991d_amd64", "product_id": "rhacm2/acm-grafana-rhel8@sha256:bfe9b7bcf0625e885e052caf23a310702173a669620b32f071f83dea7b13991d_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-grafana-rhel8@sha256:bfe9b7bcf0625e885e052caf23a310702173a669620b32f071f83dea7b13991d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-grafana-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/acm-must-gather-rhel8@sha256:f44b26dc661c6d88ac3608d99d0dce9ad05d71b43402e01377ba0f367cbe73ff_amd64", "product": { "name": "rhacm2/acm-must-gather-rhel8@sha256:f44b26dc661c6d88ac3608d99d0dce9ad05d71b43402e01377ba0f367cbe73ff_amd64", "product_id": "rhacm2/acm-must-gather-rhel8@sha256:f44b26dc661c6d88ac3608d99d0dce9ad05d71b43402e01377ba0f367cbe73ff_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-must-gather-rhel8@sha256:f44b26dc661c6d88ac3608d99d0dce9ad05d71b43402e01377ba0f367cbe73ff?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-must-gather-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/acm-operator-bundle@sha256:d211ac3abd79d3fbbfbe78f9c2f1886ff9e289fe01934d6e0f9f0797c6fba39b_amd64", "product": { "name": "rhacm2/acm-operator-bundle@sha256:d211ac3abd79d3fbbfbe78f9c2f1886ff9e289fe01934d6e0f9f0797c6fba39b_amd64", "product_id": "rhacm2/acm-operator-bundle@sha256:d211ac3abd79d3fbbfbe78f9c2f1886ff9e289fe01934d6e0f9f0797c6fba39b_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-operator-bundle@sha256:d211ac3abd79d3fbbfbe78f9c2f1886ff9e289fe01934d6e0f9f0797c6fba39b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-operator-bundle\u0026tag=v2.6.4-31" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b7fe05d3c00a3e14691f7aeeac2adc8b278254c91341a82b04861aec1fdc2544_amd64", "product": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b7fe05d3c00a3e14691f7aeeac2adc8b278254c91341a82b04861aec1fdc2544_amd64", "product_id": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b7fe05d3c00a3e14691f7aeeac2adc8b278254c91341a82b04861aec1fdc2544_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-config-reloader-rhel8@sha256:b7fe05d3c00a3e14691f7aeeac2adc8b278254c91341a82b04861aec1fdc2544?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-config-reloader-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/acm-prometheus-rhel8@sha256:a150ebba0dea0ddc16fe23701ba0400c0d1c62ba9ad34e44fd87d0257caee932_amd64", "product": { "name": "rhacm2/acm-prometheus-rhel8@sha256:a150ebba0dea0ddc16fe23701ba0400c0d1c62ba9ad34e44fd87d0257caee932_amd64", "product_id": "rhacm2/acm-prometheus-rhel8@sha256:a150ebba0dea0ddc16fe23701ba0400c0d1c62ba9ad34e44fd87d0257caee932_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-prometheus-rhel8@sha256:a150ebba0dea0ddc16fe23701ba0400c0d1c62ba9ad34e44fd87d0257caee932?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-prometheus-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:f3a2b0b31436ea31e3abbd4b61792b360143f3e00013aab65a8bd78973959369_amd64", "product": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:f3a2b0b31436ea31e3abbd4b61792b360143f3e00013aab65a8bd78973959369_amd64", "product_id": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:f3a2b0b31436ea31e3abbd4b61792b360143f3e00013aab65a8bd78973959369_amd64", "product_identification_helper": { "purl": "pkg:oci/acm-volsync-addon-controller-rhel8@sha256:f3a2b0b31436ea31e3abbd4b61792b360143f3e00013aab65a8bd78973959369?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/acm-volsync-addon-controller-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/cert-policy-controller-rhel8@sha256:19b56fec5b0398f1193e4695831d198ac88a75e496bc01c66ad25a92ad338f3b_amd64", "product": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:19b56fec5b0398f1193e4695831d198ac88a75e496bc01c66ad25a92ad338f3b_amd64", "product_id": "rhacm2/cert-policy-controller-rhel8@sha256:19b56fec5b0398f1193e4695831d198ac88a75e496bc01c66ad25a92ad338f3b_amd64", "product_identification_helper": { "purl": "pkg:oci/cert-policy-controller-rhel8@sha256:19b56fec5b0398f1193e4695831d198ac88a75e496bc01c66ad25a92ad338f3b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cert-policy-controller-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/cluster-backup-rhel8-operator@sha256:f5d5a6f7de76cee2d3b1619f3d5fcf75194aacb4bc12d5d4c201bab4d5597ee2_amd64", "product": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:f5d5a6f7de76cee2d3b1619f3d5fcf75194aacb4bc12d5d4c201bab4d5597ee2_amd64", "product_id": "rhacm2/cluster-backup-rhel8-operator@sha256:f5d5a6f7de76cee2d3b1619f3d5fcf75194aacb4bc12d5d4c201bab4d5597ee2_amd64", "product_identification_helper": { "purl": "pkg:oci/cluster-backup-rhel8-operator@sha256:f5d5a6f7de76cee2d3b1619f3d5fcf75194aacb4bc12d5d4c201bab4d5597ee2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/cluster-backup-rhel8-operator\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/config-policy-controller-rhel8@sha256:28e34470e1ec3c0b1ced4842a3479b3fba9cc9607aa5470c5b17590e1ca4bc6a_amd64", "product": { "name": "rhacm2/config-policy-controller-rhel8@sha256:28e34470e1ec3c0b1ced4842a3479b3fba9cc9607aa5470c5b17590e1ca4bc6a_amd64", "product_id": "rhacm2/config-policy-controller-rhel8@sha256:28e34470e1ec3c0b1ced4842a3479b3fba9cc9607aa5470c5b17590e1ca4bc6a_amd64", "product_identification_helper": { "purl": "pkg:oci/config-policy-controller-rhel8@sha256:28e34470e1ec3c0b1ced4842a3479b3fba9cc9607aa5470c5b17590e1ca4bc6a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/config-policy-controller-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/console-rhel8@sha256:d704cbfd52ffc28600576014b2252f6bd68c24510fdec9fd07983e7a1d71abac_amd64", "product": { "name": "rhacm2/console-rhel8@sha256:d704cbfd52ffc28600576014b2252f6bd68c24510fdec9fd07983e7a1d71abac_amd64", "product_id": "rhacm2/console-rhel8@sha256:d704cbfd52ffc28600576014b2252f6bd68c24510fdec9fd07983e7a1d71abac_amd64", "product_identification_helper": { "purl": "pkg:oci/console-rhel8@sha256:d704cbfd52ffc28600576014b2252f6bd68c24510fdec9fd07983e7a1d71abac?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/console-rhel8\u0026tag=v2.6.4-18" } } }, { "category": "product_version", "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:3a0845abe6f3eb7daea9f7be70146c50157422ec08c4729e5d03afc0071b1b95_amd64", "product": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:3a0845abe6f3eb7daea9f7be70146c50157422ec08c4729e5d03afc0071b1b95_amd64", "product_id": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:3a0845abe6f3eb7daea9f7be70146c50157422ec08c4729e5d03afc0071b1b95_amd64", "product_identification_helper": { "purl": "pkg:oci/endpoint-monitoring-rhel8-operator@sha256:3a0845abe6f3eb7daea9f7be70146c50157422ec08c4729e5d03afc0071b1b95?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/endpoint-monitoring-rhel8-operator\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-propagator-rhel8@sha256:b38271d78dbbb935d43a2f17f8b094c082f625fee82054457e2cd39fa0351994_amd64", "product": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:b38271d78dbbb935d43a2f17f8b094c082f625fee82054457e2cd39fa0351994_amd64", "product_id": "rhacm2/governance-policy-propagator-rhel8@sha256:b38271d78dbbb935d43a2f17f8b094c082f625fee82054457e2cd39fa0351994_amd64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-propagator-rhel8@sha256:b38271d78dbbb935d43a2f17f8b094c082f625fee82054457e2cd39fa0351994?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-propagator-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:cbc36059b752e976905b0229c11cae97e6f337d12025d23d87a307ad73ae6716_amd64", "product": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:cbc36059b752e976905b0229c11cae97e6f337d12025d23d87a307ad73ae6716_amd64", "product_id": "rhacm2/governance-policy-spec-sync-rhel8@sha256:cbc36059b752e976905b0229c11cae97e6f337d12025d23d87a307ad73ae6716_amd64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-spec-sync-rhel8@sha256:cbc36059b752e976905b0229c11cae97e6f337d12025d23d87a307ad73ae6716?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-spec-sync-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:d21e99b074aa214bc51067968b914c8379e198436d57ea747df4338607b93d48_amd64", "product": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:d21e99b074aa214bc51067968b914c8379e198436d57ea747df4338607b93d48_amd64", "product_id": "rhacm2/governance-policy-status-sync-rhel8@sha256:d21e99b074aa214bc51067968b914c8379e198436d57ea747df4338607b93d48_amd64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-status-sync-rhel8@sha256:d21e99b074aa214bc51067968b914c8379e198436d57ea747df4338607b93d48?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-status-sync-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:eef6778e228371853f242025a102c4208c90c34f4cafab01bcff8c61c402c964_amd64", "product": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:eef6778e228371853f242025a102c4208c90c34f4cafab01bcff8c61c402c964_amd64", "product_id": "rhacm2/governance-policy-template-sync-rhel8@sha256:eef6778e228371853f242025a102c4208c90c34f4cafab01bcff8c61c402c964_amd64", "product_identification_helper": { "purl": "pkg:oci/governance-policy-template-sync-rhel8@sha256:eef6778e228371853f242025a102c4208c90c34f4cafab01bcff8c61c402c964?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/governance-policy-template-sync-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:1821593db2c0ca2390d7b79599d725cdd1ce97a48283d7e43b87bd3bc91f3d6a_amd64", "product": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:1821593db2c0ca2390d7b79599d725cdd1ce97a48283d7e43b87bd3bc91f3d6a_amd64", "product_id": "rhacm2/grafana-dashboard-loader-rhel8@sha256:1821593db2c0ca2390d7b79599d725cdd1ce97a48283d7e43b87bd3bc91f3d6a_amd64", "product_identification_helper": { "purl": "pkg:oci/grafana-dashboard-loader-rhel8@sha256:1821593db2c0ca2390d7b79599d725cdd1ce97a48283d7e43b87bd3bc91f3d6a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/grafana-dashboard-loader-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/iam-policy-controller-rhel8@sha256:80485bb799315ca749c41e97c4c7c03077812f6042e58d8074664e3f43b7f089_amd64", "product": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:80485bb799315ca749c41e97c4c7c03077812f6042e58d8074664e3f43b7f089_amd64", "product_id": "rhacm2/iam-policy-controller-rhel8@sha256:80485bb799315ca749c41e97c4c7c03077812f6042e58d8074664e3f43b7f089_amd64", "product_identification_helper": { "purl": "pkg:oci/iam-policy-controller-rhel8@sha256:80485bb799315ca749c41e97c4c7c03077812f6042e58d8074664e3f43b7f089?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/iam-policy-controller-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/insights-client-rhel8@sha256:67a073c946ec93ebc804e0659cef7adeafc2374cd50078213e5fdb9ea0ab39df_amd64", "product": { "name": "rhacm2/insights-client-rhel8@sha256:67a073c946ec93ebc804e0659cef7adeafc2374cd50078213e5fdb9ea0ab39df_amd64", "product_id": "rhacm2/insights-client-rhel8@sha256:67a073c946ec93ebc804e0659cef7adeafc2374cd50078213e5fdb9ea0ab39df_amd64", "product_identification_helper": { "purl": "pkg:oci/insights-client-rhel8@sha256:67a073c946ec93ebc804e0659cef7adeafc2374cd50078213e5fdb9ea0ab39df?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-client-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/insights-metrics-rhel8@sha256:a3282b636b15d635dd3efc864401745b7b498f1c479f53e3a433fec7911f8394_amd64", "product": { "name": "rhacm2/insights-metrics-rhel8@sha256:a3282b636b15d635dd3efc864401745b7b498f1c479f53e3a433fec7911f8394_amd64", "product_id": "rhacm2/insights-metrics-rhel8@sha256:a3282b636b15d635dd3efc864401745b7b498f1c479f53e3a433fec7911f8394_amd64", "product_identification_helper": { "purl": "pkg:oci/insights-metrics-rhel8@sha256:a3282b636b15d635dd3efc864401745b7b498f1c479f53e3a433fec7911f8394?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/insights-metrics-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7563def4a9aaa7919df519c6d8003e0a7ca809c4a5060de2452f07ba30814b23_amd64", "product": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7563def4a9aaa7919df519c6d8003e0a7ca809c4a5060de2452f07ba30814b23_amd64", "product_id": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7563def4a9aaa7919df519c6d8003e0a7ca809c4a5060de2452f07ba30814b23_amd64", "product_identification_helper": { "purl": "pkg:oci/klusterlet-addon-controller-rhel8@sha256:7563def4a9aaa7919df519c6d8003e0a7ca809c4a5060de2452f07ba30814b23?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/klusterlet-addon-controller-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:93e3fd0ed70942cd139f9aa69cb1b554a9f233bcd9dee4ae6677884d1761bdbd_amd64", "product": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:93e3fd0ed70942cd139f9aa69cb1b554a9f233bcd9dee4ae6677884d1761bdbd_amd64", "product_id": "rhacm2/kube-rbac-proxy-rhel8@sha256:93e3fd0ed70942cd139f9aa69cb1b554a9f233bcd9dee4ae6677884d1761bdbd_amd64", "product_identification_helper": { "purl": "pkg:oci/kube-rbac-proxy-rhel8@sha256:93e3fd0ed70942cd139f9aa69cb1b554a9f233bcd9dee4ae6677884d1761bdbd?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kube-rbac-proxy-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/kube-state-metrics-rhel8@sha256:0b80b5dfafea88c4622f2aab35cbbe9816be4c3f6efc0a95c9038f16a910aa84_amd64", "product": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:0b80b5dfafea88c4622f2aab35cbbe9816be4c3f6efc0a95c9038f16a910aa84_amd64", "product_id": "rhacm2/kube-state-metrics-rhel8@sha256:0b80b5dfafea88c4622f2aab35cbbe9816be4c3f6efc0a95c9038f16a910aa84_amd64", "product_identification_helper": { "purl": "pkg:oci/kube-state-metrics-rhel8@sha256:0b80b5dfafea88c4622f2aab35cbbe9816be4c3f6efc0a95c9038f16a910aa84?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/kube-state-metrics-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/management-ingress-rhel8@sha256:f8c4d907139b78e05905be1b1a2005fcf1e1a8f86b811c8434c8d87131704806_amd64", "product": { "name": "rhacm2/management-ingress-rhel8@sha256:f8c4d907139b78e05905be1b1a2005fcf1e1a8f86b811c8434c8d87131704806_amd64", "product_id": "rhacm2/management-ingress-rhel8@sha256:f8c4d907139b78e05905be1b1a2005fcf1e1a8f86b811c8434c8d87131704806_amd64", "product_identification_helper": { "purl": "pkg:oci/management-ingress-rhel8@sha256:f8c4d907139b78e05905be1b1a2005fcf1e1a8f86b811c8434c8d87131704806?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/management-ingress-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/memcached-rhel8@sha256:f354c65db51cbe4085d9ea8b0c8154ab50ace724373600aa2ef2da17ef32a4ab_amd64", "product": { "name": "rhacm2/memcached-rhel8@sha256:f354c65db51cbe4085d9ea8b0c8154ab50ace724373600aa2ef2da17ef32a4ab_amd64", "product_id": "rhacm2/memcached-rhel8@sha256:f354c65db51cbe4085d9ea8b0c8154ab50ace724373600aa2ef2da17ef32a4ab_amd64", "product_identification_helper": { "purl": "pkg:oci/memcached-rhel8@sha256:f354c65db51cbe4085d9ea8b0c8154ab50ace724373600aa2ef2da17ef32a4ab?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-rhel8\u0026tag=v2.6.4-4" } } }, { "category": "product_version", "name": "rhacm2/memcached-exporter-rhel8@sha256:ff7140ddb5a1fce8c1020c779ff1d5050f019d24f739d4925857ea6d5a4dd79a_amd64", "product": { "name": "rhacm2/memcached-exporter-rhel8@sha256:ff7140ddb5a1fce8c1020c779ff1d5050f019d24f739d4925857ea6d5a4dd79a_amd64", "product_id": "rhacm2/memcached-exporter-rhel8@sha256:ff7140ddb5a1fce8c1020c779ff1d5050f019d24f739d4925857ea6d5a4dd79a_amd64", "product_identification_helper": { "purl": "pkg:oci/memcached-exporter-rhel8@sha256:ff7140ddb5a1fce8c1020c779ff1d5050f019d24f739d4925857ea6d5a4dd79a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/memcached-exporter-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/metrics-collector-rhel8@sha256:39501eeb312f7b4a13a0fc0420e4f06af944f7c81688e3a9430975e8579d4a20_amd64", "product": { "name": "rhacm2/metrics-collector-rhel8@sha256:39501eeb312f7b4a13a0fc0420e4f06af944f7c81688e3a9430975e8579d4a20_amd64", "product_id": "rhacm2/metrics-collector-rhel8@sha256:39501eeb312f7b4a13a0fc0420e4f06af944f7c81688e3a9430975e8579d4a20_amd64", "product_identification_helper": { "purl": "pkg:oci/metrics-collector-rhel8@sha256:39501eeb312f7b4a13a0fc0420e4f06af944f7c81688e3a9430975e8579d4a20?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/metrics-collector-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/multicloud-integrations-rhel8@sha256:979e3786edd600e094a69d279701a42f6330b000957fd8ea4a12c85cbff04df2_amd64", "product": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:979e3786edd600e094a69d279701a42f6330b000957fd8ea4a12c85cbff04df2_amd64", "product_id": "rhacm2/multicloud-integrations-rhel8@sha256:979e3786edd600e094a69d279701a42f6330b000957fd8ea4a12c85cbff04df2_amd64", "product_identification_helper": { "purl": "pkg:oci/multicloud-integrations-rhel8@sha256:979e3786edd600e094a69d279701a42f6330b000957fd8ea4a12c85cbff04df2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicloud-integrations-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-rhel8@sha256:04bffd7c3d708ecdfb9f750dc571242ecb575760b2dc032a89d6b90d996f9298_amd64", "product": { "name": "rhacm2/multiclusterhub-rhel8@sha256:04bffd7c3d708ecdfb9f750dc571242ecb575760b2dc032a89d6b90d996f9298_amd64", "product_id": "rhacm2/multiclusterhub-rhel8@sha256:04bffd7c3d708ecdfb9f750dc571242ecb575760b2dc032a89d6b90d996f9298_amd64", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-rhel8@sha256:04bffd7c3d708ecdfb9f750dc571242ecb575760b2dc032a89d6b90d996f9298?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:b4ec8064135b8a0a37c4d9190e6a39429140243f9e7a97d4d82e4e0ae349aa71_amd64", "product": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:b4ec8064135b8a0a37c4d9190e6a39429140243f9e7a97d4d82e4e0ae349aa71_amd64", "product_id": "rhacm2/multiclusterhub-repo-rhel8@sha256:b4ec8064135b8a0a37c4d9190e6a39429140243f9e7a97d4d82e4e0ae349aa71_amd64", "product_identification_helper": { "purl": "pkg:oci/multiclusterhub-repo-rhel8@sha256:b4ec8064135b8a0a37c4d9190e6a39429140243f9e7a97d4d82e4e0ae349aa71?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multiclusterhub-repo-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:b329b846f30a02dc12a9af1006b32eae111fb9954dcf5ab4dd01142c73768291_amd64", "product": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:b329b846f30a02dc12a9af1006b32eae111fb9954dcf5ab4dd01142c73768291_amd64", "product_id": "rhacm2/multicluster-observability-rhel8-operator@sha256:b329b846f30a02dc12a9af1006b32eae111fb9954dcf5ab4dd01142c73768291_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-observability-rhel8-operator@sha256:b329b846f30a02dc12a9af1006b32eae111fb9954dcf5ab4dd01142c73768291?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-observability-rhel8-operator\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-application-rhel8@sha256:ec13dbcfaa27524e0b93f744643dcb5c8f425246c3270cc6af038aa0efb8145f_amd64", "product": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:ec13dbcfaa27524e0b93f744643dcb5c8f425246c3270cc6af038aa0efb8145f_amd64", "product_id": "rhacm2/multicluster-operators-application-rhel8@sha256:ec13dbcfaa27524e0b93f744643dcb5c8f425246c3270cc6af038aa0efb8145f_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-application-rhel8@sha256:ec13dbcfaa27524e0b93f744643dcb5c8f425246c3270cc6af038aa0efb8145f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-application-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:911a0452186303c9b3f82a4d964fdfe31422f84657173a6f272f67bf80e16871_amd64", "product": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:911a0452186303c9b3f82a4d964fdfe31422f84657173a6f272f67bf80e16871_amd64", "product_id": "rhacm2/multicluster-operators-channel-rhel8@sha256:911a0452186303c9b3f82a4d964fdfe31422f84657173a6f272f67bf80e16871_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-channel-rhel8@sha256:911a0452186303c9b3f82a4d964fdfe31422f84657173a6f272f67bf80e16871?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-channel-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:e83389b09ed8acbe2785767709cefbe14e03030e7480a31b0ee088e82093e297_amd64", "product": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:e83389b09ed8acbe2785767709cefbe14e03030e7480a31b0ee088e82093e297_amd64", "product_id": "rhacm2/multicluster-operators-subscription-rhel8@sha256:e83389b09ed8acbe2785767709cefbe14e03030e7480a31b0ee088e82093e297_amd64", "product_identification_helper": { "purl": "pkg:oci/multicluster-operators-subscription-rhel8@sha256:e83389b09ed8acbe2785767709cefbe14e03030e7480a31b0ee088e82093e297?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel8\u0026tag=v2.6.4-8" } } }, { "category": "product_version", "name": "rhacm2/node-exporter-rhel8@sha256:9bd622d81286a07c025a9dce55ca1139e4b93cae830dfe347d57ad368751e43e_amd64", "product": { "name": "rhacm2/node-exporter-rhel8@sha256:9bd622d81286a07c025a9dce55ca1139e4b93cae830dfe347d57ad368751e43e_amd64", "product_id": "rhacm2/node-exporter-rhel8@sha256:9bd622d81286a07c025a9dce55ca1139e4b93cae830dfe347d57ad368751e43e_amd64", "product_identification_helper": { "purl": "pkg:oci/node-exporter-rhel8@sha256:9bd622d81286a07c025a9dce55ca1139e4b93cae830dfe347d57ad368751e43e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/node-exporter-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8@sha256:a51c789ed04a4c127c017625883041acd522831e885637071d41bfe3eebbcb34_amd64", "product": { "name": "rhacm2/observatorium-rhel8@sha256:a51c789ed04a4c127c017625883041acd522831e885637071d41bfe3eebbcb34_amd64", "product_id": "rhacm2/observatorium-rhel8@sha256:a51c789ed04a4c127c017625883041acd522831e885637071d41bfe3eebbcb34_amd64", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8@sha256:a51c789ed04a4c127c017625883041acd522831e885637071d41bfe3eebbcb34?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/observatorium-rhel8-operator@sha256:642e765685e1d1ee7cd69a9d5230c2dc821ee71f7346135c992b25fdab278d03_amd64", "product": { "name": "rhacm2/observatorium-rhel8-operator@sha256:642e765685e1d1ee7cd69a9d5230c2dc821ee71f7346135c992b25fdab278d03_amd64", "product_id": "rhacm2/observatorium-rhel8-operator@sha256:642e765685e1d1ee7cd69a9d5230c2dc821ee71f7346135c992b25fdab278d03_amd64", "product_identification_helper": { "purl": "pkg:oci/observatorium-rhel8-operator@sha256:642e765685e1d1ee7cd69a9d5230c2dc821ee71f7346135c992b25fdab278d03?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/observatorium-rhel8-operator\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:d6b0e86f29dab6d89f6fa11c0784ff14cb1006760a16bee26336197f0cfae87a_amd64", "product": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:d6b0e86f29dab6d89f6fa11c0784ff14cb1006760a16bee26336197f0cfae87a_amd64", "product_id": "rhacm2/prometheus-alertmanager-rhel8@sha256:d6b0e86f29dab6d89f6fa11c0784ff14cb1006760a16bee26336197f0cfae87a_amd64", "product_identification_helper": { "purl": "pkg:oci/prometheus-alertmanager-rhel8@sha256:d6b0e86f29dab6d89f6fa11c0784ff14cb1006760a16bee26336197f0cfae87a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-alertmanager-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/prometheus-rhel8@sha256:7af598478e682a5e71ba687b6ff18410ef60702b4fa1d91ab27e9f639fc526e8_amd64", "product": { "name": "rhacm2/prometheus-rhel8@sha256:7af598478e682a5e71ba687b6ff18410ef60702b4fa1d91ab27e9f639fc526e8_amd64", "product_id": "rhacm2/prometheus-rhel8@sha256:7af598478e682a5e71ba687b6ff18410ef60702b4fa1d91ab27e9f639fc526e8_amd64", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:7af598478e682a5e71ba687b6ff18410ef60702b4fa1d91ab27e9f639fc526e8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/prometheus-rhel8\u0026tag=v2.6.4-5" } } }, { "category": "product_version", "name": "rhacm2/rbac-query-proxy-rhel8@sha256:e8ff466a5a96124a426bcbbd333dbe8e24413f379a03852a3d46f2bf80ec895d_amd64", "product": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:e8ff466a5a96124a426bcbbd333dbe8e24413f379a03852a3d46f2bf80ec895d_amd64", "product_id": "rhacm2/rbac-query-proxy-rhel8@sha256:e8ff466a5a96124a426bcbbd333dbe8e24413f379a03852a3d46f2bf80ec895d_amd64", "product_identification_helper": { "purl": "pkg:oci/rbac-query-proxy-rhel8@sha256:e8ff466a5a96124a426bcbbd333dbe8e24413f379a03852a3d46f2bf80ec895d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/rbac-query-proxy-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/redisgraph-tls-rhel8@sha256:b7de40c100bb2398625d0c82bfacc95fa48aabbd9bf8b5f6392a4472859cbc32_amd64", "product": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:b7de40c100bb2398625d0c82bfacc95fa48aabbd9bf8b5f6392a4472859cbc32_amd64", "product_id": "rhacm2/redisgraph-tls-rhel8@sha256:b7de40c100bb2398625d0c82bfacc95fa48aabbd9bf8b5f6392a4472859cbc32_amd64", "product_identification_helper": { "purl": "pkg:oci/redisgraph-tls-rhel8@sha256:b7de40c100bb2398625d0c82bfacc95fa48aabbd9bf8b5f6392a4472859cbc32?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/redisgraph-tls-rhel8\u0026tag=v2.6.4-5" } } }, { "category": "product_version", "name": "rhacm2/search-aggregator-rhel8@sha256:d0661fcd6a08c6526494d24e3351ffb70957ef5b82b9ae7e3a990c9b5051d5cc_amd64", "product": { "name": "rhacm2/search-aggregator-rhel8@sha256:d0661fcd6a08c6526494d24e3351ffb70957ef5b82b9ae7e3a990c9b5051d5cc_amd64", "product_id": "rhacm2/search-aggregator-rhel8@sha256:d0661fcd6a08c6526494d24e3351ffb70957ef5b82b9ae7e3a990c9b5051d5cc_amd64", "product_identification_helper": { "purl": "pkg:oci/search-aggregator-rhel8@sha256:d0661fcd6a08c6526494d24e3351ffb70957ef5b82b9ae7e3a990c9b5051d5cc?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-aggregator-rhel8\u0026tag=v2.6.4-7" } } }, { "category": "product_version", "name": "rhacm2/search-api-rhel8@sha256:3ad1262ba07c5b5aa31a207b1653e19f7faacc4cb303d2b5a0763d10eb93e849_amd64", "product": { "name": "rhacm2/search-api-rhel8@sha256:3ad1262ba07c5b5aa31a207b1653e19f7faacc4cb303d2b5a0763d10eb93e849_amd64", "product_id": "rhacm2/search-api-rhel8@sha256:3ad1262ba07c5b5aa31a207b1653e19f7faacc4cb303d2b5a0763d10eb93e849_amd64", "product_identification_helper": { "purl": "pkg:oci/search-api-rhel8@sha256:3ad1262ba07c5b5aa31a207b1653e19f7faacc4cb303d2b5a0763d10eb93e849?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-api-rhel8\u0026tag=v2.6.4-9" } } }, { "category": "product_version", "name": "rhacm2/search-collector-rhel8@sha256:9446ac9d281170357d985a104a2fa073b3a569ee09a955a16e14612d685fef5e_amd64", "product": { "name": "rhacm2/search-collector-rhel8@sha256:9446ac9d281170357d985a104a2fa073b3a569ee09a955a16e14612d685fef5e_amd64", "product_id": "rhacm2/search-collector-rhel8@sha256:9446ac9d281170357d985a104a2fa073b3a569ee09a955a16e14612d685fef5e_amd64", "product_identification_helper": { "purl": "pkg:oci/search-collector-rhel8@sha256:9446ac9d281170357d985a104a2fa073b3a569ee09a955a16e14612d685fef5e?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-collector-rhel8\u0026tag=v2.6.4-5" } } }, { "category": "product_version", "name": "rhacm2/search-rhel8@sha256:8235a36f2220a68809f0babae52f80792e6ad0e16f721f7129f11e96cf3b2bd9_amd64", "product": { "name": "rhacm2/search-rhel8@sha256:8235a36f2220a68809f0babae52f80792e6ad0e16f721f7129f11e96cf3b2bd9_amd64", "product_id": "rhacm2/search-rhel8@sha256:8235a36f2220a68809f0babae52f80792e6ad0e16f721f7129f11e96cf3b2bd9_amd64", "product_identification_helper": { "purl": "pkg:oci/search-rhel8@sha256:8235a36f2220a68809f0babae52f80792e6ad0e16f721f7129f11e96cf3b2bd9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/search-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/submariner-addon-rhel8@sha256:2d645d3f46e9613f9007a8e640b48249708bd583e1f8119828ff7b6f03942c09_amd64", "product": { "name": "rhacm2/submariner-addon-rhel8@sha256:2d645d3f46e9613f9007a8e640b48249708bd583e1f8119828ff7b6f03942c09_amd64", "product_id": "rhacm2/submariner-addon-rhel8@sha256:2d645d3f46e9613f9007a8e640b48249708bd583e1f8119828ff7b6f03942c09_amd64", "product_identification_helper": { "purl": "pkg:oci/submariner-addon-rhel8@sha256:2d645d3f46e9613f9007a8e640b48249708bd583e1f8119828ff7b6f03942c09?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-addon-rhel8\u0026tag=v2.6.4-11" } } }, { "category": "product_version", "name": "rhacm2/thanos-rhel8@sha256:c00bddf4726f69dd95b582de5a2ab5901c83176ba39b9d0232d274755b222cd1_amd64", "product": { "name": "rhacm2/thanos-rhel8@sha256:c00bddf4726f69dd95b582de5a2ab5901c83176ba39b9d0232d274755b222cd1_amd64", "product_id": "rhacm2/thanos-rhel8@sha256:c00bddf4726f69dd95b582de5a2ab5901c83176ba39b9d0232d274755b222cd1_amd64", "product_identification_helper": { "purl": "pkg:oci/thanos-rhel8@sha256:c00bddf4726f69dd95b582de5a2ab5901c83176ba39b9d0232d274755b222cd1?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-rhel8\u0026tag=v2.6.4-6" } } }, { "category": "product_version", "name": "rhacm2/thanos-receive-controller-rhel8@sha256:3fafe8b059919821ba8ee3a84707a42dcf8b468cbaf6af648a38f0738d633895_amd64", "product": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:3fafe8b059919821ba8ee3a84707a42dcf8b468cbaf6af648a38f0738d633895_amd64", "product_id": "rhacm2/thanos-receive-controller-rhel8@sha256:3fafe8b059919821ba8ee3a84707a42dcf8b468cbaf6af648a38f0738d633895_amd64", "product_identification_helper": { "purl": "pkg:oci/thanos-receive-controller-rhel8@sha256:3fafe8b059919821ba8ee3a84707a42dcf8b468cbaf6af648a38f0738d633895?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/thanos-receive-controller-rhel8\u0026tag=v2.6.4-5" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:016f483a5e59153e14800c37d7e16da2fd074dcb84e0db61521c209d148e4fd3_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:016f483a5e59153e14800c37d7e16da2fd074dcb84e0db61521c209d148e4fd3_s390x" }, "product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:016f483a5e59153e14800c37d7e16da2fd074dcb84e0db61521c209d148e4fd3_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:0e83b7308b7f8efd0dd4c482d301231ea81744a9c243efddb57714f687625bb7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:0e83b7308b7f8efd0dd4c482d301231ea81744a9c243efddb57714f687625bb7_ppc64le" }, "product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:0e83b7308b7f8efd0dd4c482d301231ea81744a9c243efddb57714f687625bb7_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:61130d76a9adf8c0aa14c46e56f5e7b1b588a186903e0559ed2139a6e6f70c86_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:61130d76a9adf8c0aa14c46e56f5e7b1b588a186903e0559ed2139a6e6f70c86_amd64" }, "product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:61130d76a9adf8c0aa14c46e56f5e7b1b588a186903e0559ed2139a6e6f70c86_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:805edfdb835ecd74495c3303651f536e5402e90b8fb1d3b8e205847fb93465e5_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:805edfdb835ecd74495c3303651f536e5402e90b8fb1d3b8e205847fb93465e5_arm64" }, "product_reference": "rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:805edfdb835ecd74495c3303651f536e5402e90b8fb1d3b8e205847fb93465e5_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-grafana-rhel8@sha256:899cb767f3e31ec536ca9d48930b1eaabb4907e6ec65d99fe0b9e186d0df6ca2_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:899cb767f3e31ec536ca9d48930b1eaabb4907e6ec65d99fe0b9e186d0df6ca2_s390x" }, "product_reference": "rhacm2/acm-grafana-rhel8@sha256:899cb767f3e31ec536ca9d48930b1eaabb4907e6ec65d99fe0b9e186d0df6ca2_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-grafana-rhel8@sha256:bc40aa848bbbebd35833e69b8011db918de5c3abf5954dd5d4166a01a486a74f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:bc40aa848bbbebd35833e69b8011db918de5c3abf5954dd5d4166a01a486a74f_arm64" }, "product_reference": "rhacm2/acm-grafana-rhel8@sha256:bc40aa848bbbebd35833e69b8011db918de5c3abf5954dd5d4166a01a486a74f_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-grafana-rhel8@sha256:bfe9b7bcf0625e885e052caf23a310702173a669620b32f071f83dea7b13991d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:bfe9b7bcf0625e885e052caf23a310702173a669620b32f071f83dea7b13991d_amd64" }, "product_reference": "rhacm2/acm-grafana-rhel8@sha256:bfe9b7bcf0625e885e052caf23a310702173a669620b32f071f83dea7b13991d_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-grafana-rhel8@sha256:f082c0cdabf220570bc3bdf145c66fefe39d31cbb988da962a3262d0264777e6_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:f082c0cdabf220570bc3bdf145c66fefe39d31cbb988da962a3262d0264777e6_ppc64le" }, "product_reference": "rhacm2/acm-grafana-rhel8@sha256:f082c0cdabf220570bc3bdf145c66fefe39d31cbb988da962a3262d0264777e6_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-must-gather-rhel8@sha256:10508327d7bc352c8e15a4876f5b2703c7be468d2cca14172f2dee077ee49bb8_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:10508327d7bc352c8e15a4876f5b2703c7be468d2cca14172f2dee077ee49bb8_arm64" }, "product_reference": "rhacm2/acm-must-gather-rhel8@sha256:10508327d7bc352c8e15a4876f5b2703c7be468d2cca14172f2dee077ee49bb8_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-must-gather-rhel8@sha256:4ede1e02b3574cc788867b443a745dcc75d35abad1b53f24159c5bd29c200821_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:4ede1e02b3574cc788867b443a745dcc75d35abad1b53f24159c5bd29c200821_ppc64le" }, "product_reference": "rhacm2/acm-must-gather-rhel8@sha256:4ede1e02b3574cc788867b443a745dcc75d35abad1b53f24159c5bd29c200821_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-must-gather-rhel8@sha256:dda9d7c21f0ed27d0362402e7b5ce2883ab00b5122c1183b62072b7b2f558d8c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:dda9d7c21f0ed27d0362402e7b5ce2883ab00b5122c1183b62072b7b2f558d8c_s390x" }, "product_reference": "rhacm2/acm-must-gather-rhel8@sha256:dda9d7c21f0ed27d0362402e7b5ce2883ab00b5122c1183b62072b7b2f558d8c_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-must-gather-rhel8@sha256:f44b26dc661c6d88ac3608d99d0dce9ad05d71b43402e01377ba0f367cbe73ff_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:f44b26dc661c6d88ac3608d99d0dce9ad05d71b43402e01377ba0f367cbe73ff_amd64" }, "product_reference": "rhacm2/acm-must-gather-rhel8@sha256:f44b26dc661c6d88ac3608d99d0dce9ad05d71b43402e01377ba0f367cbe73ff_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-operator-bundle@sha256:5974496dcb98fb518cff7eb1d65fa84b44ca498d6b226715815152e4da018257_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:5974496dcb98fb518cff7eb1d65fa84b44ca498d6b226715815152e4da018257_s390x" }, "product_reference": "rhacm2/acm-operator-bundle@sha256:5974496dcb98fb518cff7eb1d65fa84b44ca498d6b226715815152e4da018257_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-operator-bundle@sha256:d211ac3abd79d3fbbfbe78f9c2f1886ff9e289fe01934d6e0f9f0797c6fba39b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:d211ac3abd79d3fbbfbe78f9c2f1886ff9e289fe01934d6e0f9f0797c6fba39b_amd64" }, "product_reference": "rhacm2/acm-operator-bundle@sha256:d211ac3abd79d3fbbfbe78f9c2f1886ff9e289fe01934d6e0f9f0797c6fba39b_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-operator-bundle@sha256:fe1d26d24fd371f2d104d34ac91d604d250361ac35cadfb0841998f5afb44788_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:fe1d26d24fd371f2d104d34ac91d604d250361ac35cadfb0841998f5afb44788_ppc64le" }, "product_reference": "rhacm2/acm-operator-bundle@sha256:fe1d26d24fd371f2d104d34ac91d604d250361ac35cadfb0841998f5afb44788_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0cb8bc0ed7d77f5a21023dbe793bf9e56e36dbbc7488f5998c999c7593e55e73_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0cb8bc0ed7d77f5a21023dbe793bf9e56e36dbbc7488f5998c999c7593e55e73_s390x" }, "product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0cb8bc0ed7d77f5a21023dbe793bf9e56e36dbbc7488f5998c999c7593e55e73_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:3e5827095c132f2f8c0fb4a413c32c1b6bfd11a5f759c2eb18f22b1bf8f57a64_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:3e5827095c132f2f8c0fb4a413c32c1b6bfd11a5f759c2eb18f22b1bf8f57a64_arm64" }, "product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:3e5827095c132f2f8c0fb4a413c32c1b6bfd11a5f759c2eb18f22b1bf8f57a64_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b7fe05d3c00a3e14691f7aeeac2adc8b278254c91341a82b04861aec1fdc2544_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b7fe05d3c00a3e14691f7aeeac2adc8b278254c91341a82b04861aec1fdc2544_amd64" }, "product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b7fe05d3c00a3e14691f7aeeac2adc8b278254c91341a82b04861aec1fdc2544_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:cc25f7b4a426d4ad2bbd5769b4f22581ea50170fc743a8237f7fd07b7a2957a9_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:cc25f7b4a426d4ad2bbd5769b4f22581ea50170fc743a8237f7fd07b7a2957a9_ppc64le" }, "product_reference": "rhacm2/acm-prometheus-config-reloader-rhel8@sha256:cc25f7b4a426d4ad2bbd5769b4f22581ea50170fc743a8237f7fd07b7a2957a9_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-rhel8@sha256:0110e8b7af143ead3c278a00375ba016bc46160dbfac15a151a9d929ffbb781c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:0110e8b7af143ead3c278a00375ba016bc46160dbfac15a151a9d929ffbb781c_ppc64le" }, "product_reference": "rhacm2/acm-prometheus-rhel8@sha256:0110e8b7af143ead3c278a00375ba016bc46160dbfac15a151a9d929ffbb781c_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-rhel8@sha256:a150ebba0dea0ddc16fe23701ba0400c0d1c62ba9ad34e44fd87d0257caee932_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:a150ebba0dea0ddc16fe23701ba0400c0d1c62ba9ad34e44fd87d0257caee932_amd64" }, "product_reference": "rhacm2/acm-prometheus-rhel8@sha256:a150ebba0dea0ddc16fe23701ba0400c0d1c62ba9ad34e44fd87d0257caee932_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-rhel8@sha256:a31024043f963ee49a4eaab131085952742ef082e1c47cc676998d6dcf207a6f_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:a31024043f963ee49a4eaab131085952742ef082e1c47cc676998d6dcf207a6f_s390x" }, "product_reference": "rhacm2/acm-prometheus-rhel8@sha256:a31024043f963ee49a4eaab131085952742ef082e1c47cc676998d6dcf207a6f_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-prometheus-rhel8@sha256:faf61986493ad09657d5bd3aa31a93363b9c231a87ad8dc69d8dcb1b5ebeb500_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:faf61986493ad09657d5bd3aa31a93363b9c231a87ad8dc69d8dcb1b5ebeb500_arm64" }, "product_reference": "rhacm2/acm-prometheus-rhel8@sha256:faf61986493ad09657d5bd3aa31a93363b9c231a87ad8dc69d8dcb1b5ebeb500_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:1b575eba8b7d2379cd04974fab889ccaf671875923e0904053a2896cf431e925_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:1b575eba8b7d2379cd04974fab889ccaf671875923e0904053a2896cf431e925_arm64" }, "product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:1b575eba8b7d2379cd04974fab889ccaf671875923e0904053a2896cf431e925_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:6292d00742228851ab7832e2852827df767492a2401d65dd420c8b0aeee24e97_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:6292d00742228851ab7832e2852827df767492a2401d65dd420c8b0aeee24e97_ppc64le" }, "product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:6292d00742228851ab7832e2852827df767492a2401d65dd420c8b0aeee24e97_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:7dc6c8a7939703d32323f7808810b1358aa34c080e1171cf7e5cb2a5a79e86ce_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:7dc6c8a7939703d32323f7808810b1358aa34c080e1171cf7e5cb2a5a79e86ce_s390x" }, "product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:7dc6c8a7939703d32323f7808810b1358aa34c080e1171cf7e5cb2a5a79e86ce_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:f3a2b0b31436ea31e3abbd4b61792b360143f3e00013aab65a8bd78973959369_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:f3a2b0b31436ea31e3abbd4b61792b360143f3e00013aab65a8bd78973959369_amd64" }, "product_reference": "rhacm2/acm-volsync-addon-controller-rhel8@sha256:f3a2b0b31436ea31e3abbd4b61792b360143f3e00013aab65a8bd78973959369_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:19b56fec5b0398f1193e4695831d198ac88a75e496bc01c66ad25a92ad338f3b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:19b56fec5b0398f1193e4695831d198ac88a75e496bc01c66ad25a92ad338f3b_amd64" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:19b56fec5b0398f1193e4695831d198ac88a75e496bc01c66ad25a92ad338f3b_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:2e83f766397a03678513afb6cf6a797e5266c4acd65117413e1f0e780b2ed54b_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:2e83f766397a03678513afb6cf6a797e5266c4acd65117413e1f0e780b2ed54b_ppc64le" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:2e83f766397a03678513afb6cf6a797e5266c4acd65117413e1f0e780b2ed54b_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:c3688d17fdae2a92ac51771fff354666ae0caaa298dc155e477a43b4f5c56133_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:c3688d17fdae2a92ac51771fff354666ae0caaa298dc155e477a43b4f5c56133_s390x" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:c3688d17fdae2a92ac51771fff354666ae0caaa298dc155e477a43b4f5c56133_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cert-policy-controller-rhel8@sha256:eed520e609ffffce2fc428a4d1a8c18d824ff5b74582760ccc85dcdfbfe0c5a0_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:eed520e609ffffce2fc428a4d1a8c18d824ff5b74582760ccc85dcdfbfe0c5a0_arm64" }, "product_reference": "rhacm2/cert-policy-controller-rhel8@sha256:eed520e609ffffce2fc428a4d1a8c18d824ff5b74582760ccc85dcdfbfe0c5a0_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:0bcd60d96620d8ca69bd8062234c8bf7b12c4ae584ac9b6278270915204a23f4_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:0bcd60d96620d8ca69bd8062234c8bf7b12c4ae584ac9b6278270915204a23f4_arm64" }, "product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:0bcd60d96620d8ca69bd8062234c8bf7b12c4ae584ac9b6278270915204a23f4_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:48efa4484d7892fcc0c282a06ab4e1183d9c6372f42fd309ca14e224ea33e9e7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:48efa4484d7892fcc0c282a06ab4e1183d9c6372f42fd309ca14e224ea33e9e7_ppc64le" }, "product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:48efa4484d7892fcc0c282a06ab4e1183d9c6372f42fd309ca14e224ea33e9e7_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:5adb81f731b8399658946e6adadb67588f31d8edf3affbddfd7587afe0b487ae_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:5adb81f731b8399658946e6adadb67588f31d8edf3affbddfd7587afe0b487ae_s390x" }, "product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:5adb81f731b8399658946e6adadb67588f31d8edf3affbddfd7587afe0b487ae_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/cluster-backup-rhel8-operator@sha256:f5d5a6f7de76cee2d3b1619f3d5fcf75194aacb4bc12d5d4c201bab4d5597ee2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:f5d5a6f7de76cee2d3b1619f3d5fcf75194aacb4bc12d5d4c201bab4d5597ee2_amd64" }, "product_reference": "rhacm2/cluster-backup-rhel8-operator@sha256:f5d5a6f7de76cee2d3b1619f3d5fcf75194aacb4bc12d5d4c201bab4d5597ee2_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:28e34470e1ec3c0b1ced4842a3479b3fba9cc9607aa5470c5b17590e1ca4bc6a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:28e34470e1ec3c0b1ced4842a3479b3fba9cc9607aa5470c5b17590e1ca4bc6a_amd64" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:28e34470e1ec3c0b1ced4842a3479b3fba9cc9607aa5470c5b17590e1ca4bc6a_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:49a48119aeb0fb449f65a50017f26abac02a4885b614d0c9e3eb8ab73ba7eb37_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:49a48119aeb0fb449f65a50017f26abac02a4885b614d0c9e3eb8ab73ba7eb37_ppc64le" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:49a48119aeb0fb449f65a50017f26abac02a4885b614d0c9e3eb8ab73ba7eb37_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:61a33bef5ae4af5437a3c8c3e2ed1070e034a1795c40dc2f037362056c6efe30_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:61a33bef5ae4af5437a3c8c3e2ed1070e034a1795c40dc2f037362056c6efe30_arm64" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:61a33bef5ae4af5437a3c8c3e2ed1070e034a1795c40dc2f037362056c6efe30_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/config-policy-controller-rhel8@sha256:80b49ccd71c92b359e8d872e47e8c5c5f8cc4d538fe5d62f1866b30d012ad0ab_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:80b49ccd71c92b359e8d872e47e8c5c5f8cc4d538fe5d62f1866b30d012ad0ab_s390x" }, "product_reference": "rhacm2/config-policy-controller-rhel8@sha256:80b49ccd71c92b359e8d872e47e8c5c5f8cc4d538fe5d62f1866b30d012ad0ab_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-rhel8@sha256:6a0d8b3b5245d310b97053106f3efd1bad5c9f36a0e1e95d7a8422203a79c9ce_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:6a0d8b3b5245d310b97053106f3efd1bad5c9f36a0e1e95d7a8422203a79c9ce_s390x" }, "product_reference": "rhacm2/console-rhel8@sha256:6a0d8b3b5245d310b97053106f3efd1bad5c9f36a0e1e95d7a8422203a79c9ce_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-rhel8@sha256:75b36663fe8d8cf2893f493506de374b2e5a92300e38c2de25286cbdadc28a5f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:75b36663fe8d8cf2893f493506de374b2e5a92300e38c2de25286cbdadc28a5f_arm64" }, "product_reference": "rhacm2/console-rhel8@sha256:75b36663fe8d8cf2893f493506de374b2e5a92300e38c2de25286cbdadc28a5f_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-rhel8@sha256:9f39582360916bb4b1992246996e3aa74acc45df687532ac633c6ba2355bf312_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:9f39582360916bb4b1992246996e3aa74acc45df687532ac633c6ba2355bf312_ppc64le" }, "product_reference": "rhacm2/console-rhel8@sha256:9f39582360916bb4b1992246996e3aa74acc45df687532ac633c6ba2355bf312_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/console-rhel8@sha256:d704cbfd52ffc28600576014b2252f6bd68c24510fdec9fd07983e7a1d71abac_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:d704cbfd52ffc28600576014b2252f6bd68c24510fdec9fd07983e7a1d71abac_amd64" }, "product_reference": "rhacm2/console-rhel8@sha256:d704cbfd52ffc28600576014b2252f6bd68c24510fdec9fd07983e7a1d71abac_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:369ff114990cffe175afce158b43b5961036970a98fbbdf215b4bd79ca453208_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:369ff114990cffe175afce158b43b5961036970a98fbbdf215b4bd79ca453208_arm64" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:369ff114990cffe175afce158b43b5961036970a98fbbdf215b4bd79ca453208_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:3a0845abe6f3eb7daea9f7be70146c50157422ec08c4729e5d03afc0071b1b95_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:3a0845abe6f3eb7daea9f7be70146c50157422ec08c4729e5d03afc0071b1b95_amd64" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:3a0845abe6f3eb7daea9f7be70146c50157422ec08c4729e5d03afc0071b1b95_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:60ffd918bb2555301ff77cc9aa0ed07b972055f5e3479cd272e2a37a25f6dca9_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:60ffd918bb2555301ff77cc9aa0ed07b972055f5e3479cd272e2a37a25f6dca9_s390x" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:60ffd918bb2555301ff77cc9aa0ed07b972055f5e3479cd272e2a37a25f6dca9_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:b34190c8bcba479316ca98b8970927b6ce186c976c158c8f366e8bd7d4b001ad_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:b34190c8bcba479316ca98b8970927b6ce186c976c158c8f366e8bd7d4b001ad_ppc64le" }, "product_reference": "rhacm2/endpoint-monitoring-rhel8-operator@sha256:b34190c8bcba479316ca98b8970927b6ce186c976c158c8f366e8bd7d4b001ad_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:36311cf8452859515d1f38890c24be9a2700f57c56aa400899d055b115fa584c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:36311cf8452859515d1f38890c24be9a2700f57c56aa400899d055b115fa584c_s390x" }, "product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:36311cf8452859515d1f38890c24be9a2700f57c56aa400899d055b115fa584c_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:b38271d78dbbb935d43a2f17f8b094c082f625fee82054457e2cd39fa0351994_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:b38271d78dbbb935d43a2f17f8b094c082f625fee82054457e2cd39fa0351994_amd64" }, "product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:b38271d78dbbb935d43a2f17f8b094c082f625fee82054457e2cd39fa0351994_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:c35e75613bd4ca07ed9e3191daaca9597b6565908cdf7d08983ba2b6b48396e3_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:c35e75613bd4ca07ed9e3191daaca9597b6565908cdf7d08983ba2b6b48396e3_ppc64le" }, "product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:c35e75613bd4ca07ed9e3191daaca9597b6565908cdf7d08983ba2b6b48396e3_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-propagator-rhel8@sha256:f95041614179ec6b26333e673f7e7975853d16ee3657671ca23ab7127a4eb6a0_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:f95041614179ec6b26333e673f7e7975853d16ee3657671ca23ab7127a4eb6a0_arm64" }, "product_reference": "rhacm2/governance-policy-propagator-rhel8@sha256:f95041614179ec6b26333e673f7e7975853d16ee3657671ca23ab7127a4eb6a0_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:bab9db88a656cc8727c9b571644cc674212d338e7f4a9bc85d7225c80474926e_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:bab9db88a656cc8727c9b571644cc674212d338e7f4a9bc85d7225c80474926e_arm64" }, "product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:bab9db88a656cc8727c9b571644cc674212d338e7f4a9bc85d7225c80474926e_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:c08b6982d29a81ae3a773df997d072dfd9ce75730550d36b3e0b3824b5bd7ea9_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:c08b6982d29a81ae3a773df997d072dfd9ce75730550d36b3e0b3824b5bd7ea9_ppc64le" }, "product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:c08b6982d29a81ae3a773df997d072dfd9ce75730550d36b3e0b3824b5bd7ea9_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:cbc36059b752e976905b0229c11cae97e6f337d12025d23d87a307ad73ae6716_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:cbc36059b752e976905b0229c11cae97e6f337d12025d23d87a307ad73ae6716_amd64" }, "product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:cbc36059b752e976905b0229c11cae97e6f337d12025d23d87a307ad73ae6716_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d4d0e7ba33b9e6d6587ce1b28ec25adc1e089d501d877d89ca648b63fb2a277e_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:d4d0e7ba33b9e6d6587ce1b28ec25adc1e089d501d877d89ca648b63fb2a277e_s390x" }, "product_reference": "rhacm2/governance-policy-spec-sync-rhel8@sha256:d4d0e7ba33b9e6d6587ce1b28ec25adc1e089d501d877d89ca648b63fb2a277e_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:85c62dda998b2a54a085bdf0c6ab1c3c82e600e1e02c1bb68924f526b6b9068d_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:85c62dda998b2a54a085bdf0c6ab1c3c82e600e1e02c1bb68924f526b6b9068d_arm64" }, "product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:85c62dda998b2a54a085bdf0c6ab1c3c82e600e1e02c1bb68924f526b6b9068d_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:93565ddd2b6e23cf9617182568d0857615c47e38876dffbe2487f94bcec24028_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:93565ddd2b6e23cf9617182568d0857615c47e38876dffbe2487f94bcec24028_ppc64le" }, "product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:93565ddd2b6e23cf9617182568d0857615c47e38876dffbe2487f94bcec24028_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:d21e99b074aa214bc51067968b914c8379e198436d57ea747df4338607b93d48_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:d21e99b074aa214bc51067968b914c8379e198436d57ea747df4338607b93d48_amd64" }, "product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:d21e99b074aa214bc51067968b914c8379e198436d57ea747df4338607b93d48_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-status-sync-rhel8@sha256:e3676c01071ea21f4fac104f37498fdf5b3fba1a179ba9cc711e6fcec30e82e8_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:e3676c01071ea21f4fac104f37498fdf5b3fba1a179ba9cc711e6fcec30e82e8_s390x" }, "product_reference": "rhacm2/governance-policy-status-sync-rhel8@sha256:e3676c01071ea21f4fac104f37498fdf5b3fba1a179ba9cc711e6fcec30e82e8_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:1eb6675c10505c3879114b1943b507e0fbfa25f036a5f16135620e45dbf7658c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:1eb6675c10505c3879114b1943b507e0fbfa25f036a5f16135620e45dbf7658c_s390x" }, "product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:1eb6675c10505c3879114b1943b507e0fbfa25f036a5f16135620e45dbf7658c_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:7f3571c3b232b867dbcc84cebc2da8f12d1c9a56ddaabd21eac5cc7baab1e3b5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:7f3571c3b232b867dbcc84cebc2da8f12d1c9a56ddaabd21eac5cc7baab1e3b5_ppc64le" }, "product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:7f3571c3b232b867dbcc84cebc2da8f12d1c9a56ddaabd21eac5cc7baab1e3b5_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:ab113018e018c9832c611bec3a264b0d153f2a0eb0b627fe7dafb5b696ad27ed_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:ab113018e018c9832c611bec3a264b0d153f2a0eb0b627fe7dafb5b696ad27ed_arm64" }, "product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:ab113018e018c9832c611bec3a264b0d153f2a0eb0b627fe7dafb5b696ad27ed_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/governance-policy-template-sync-rhel8@sha256:eef6778e228371853f242025a102c4208c90c34f4cafab01bcff8c61c402c964_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:eef6778e228371853f242025a102c4208c90c34f4cafab01bcff8c61c402c964_amd64" }, "product_reference": "rhacm2/governance-policy-template-sync-rhel8@sha256:eef6778e228371853f242025a102c4208c90c34f4cafab01bcff8c61c402c964_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:12527f1a5d2344e97afa8b0617e1e88641b3c49887ecb443354a2c2bc43ece44_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:12527f1a5d2344e97afa8b0617e1e88641b3c49887ecb443354a2c2bc43ece44_arm64" }, "product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:12527f1a5d2344e97afa8b0617e1e88641b3c49887ecb443354a2c2bc43ece44_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:1821593db2c0ca2390d7b79599d725cdd1ce97a48283d7e43b87bd3bc91f3d6a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:1821593db2c0ca2390d7b79599d725cdd1ce97a48283d7e43b87bd3bc91f3d6a_amd64" }, "product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:1821593db2c0ca2390d7b79599d725cdd1ce97a48283d7e43b87bd3bc91f3d6a_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:5a7e21a5e3541b9c0a0bb054af74ec83932cf89cabd577c3a8362e50ac4fc5e8_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:5a7e21a5e3541b9c0a0bb054af74ec83932cf89cabd577c3a8362e50ac4fc5e8_ppc64le" }, "product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:5a7e21a5e3541b9c0a0bb054af74ec83932cf89cabd577c3a8362e50ac4fc5e8_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/grafana-dashboard-loader-rhel8@sha256:80418945860182a602c612527776d46f785d3559f785830f7c6e82393d19cb4d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:80418945860182a602c612527776d46f785d3559f785830f7c6e82393d19cb4d_s390x" }, "product_reference": "rhacm2/grafana-dashboard-loader-rhel8@sha256:80418945860182a602c612527776d46f785d3559f785830f7c6e82393d19cb4d_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:06fb15f2fa6bed947eb7ca0f0e8d0cf70f06e66b27aaa693c870588d27d1c177_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:06fb15f2fa6bed947eb7ca0f0e8d0cf70f06e66b27aaa693c870588d27d1c177_ppc64le" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:06fb15f2fa6bed947eb7ca0f0e8d0cf70f06e66b27aaa693c870588d27d1c177_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:5c6a3d48b7cb1e8232982c5eac1a2b4387c282dfd605e2a557bec96f1f933f6d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:5c6a3d48b7cb1e8232982c5eac1a2b4387c282dfd605e2a557bec96f1f933f6d_s390x" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:5c6a3d48b7cb1e8232982c5eac1a2b4387c282dfd605e2a557bec96f1f933f6d_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:80485bb799315ca749c41e97c4c7c03077812f6042e58d8074664e3f43b7f089_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:80485bb799315ca749c41e97c4c7c03077812f6042e58d8074664e3f43b7f089_amd64" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:80485bb799315ca749c41e97c4c7c03077812f6042e58d8074664e3f43b7f089_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/iam-policy-controller-rhel8@sha256:a0bd2dc5b2821c1ee0bf8f898a3a164514fc24bbe0bb4a12951eb85f0fd9d0b9_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:a0bd2dc5b2821c1ee0bf8f898a3a164514fc24bbe0bb4a12951eb85f0fd9d0b9_arm64" }, "product_reference": "rhacm2/iam-policy-controller-rhel8@sha256:a0bd2dc5b2821c1ee0bf8f898a3a164514fc24bbe0bb4a12951eb85f0fd9d0b9_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-client-rhel8@sha256:321a39f4bb988e5e9c939408d6b8bbb1e028fe77fe8677ef2c0772b518721844_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:321a39f4bb988e5e9c939408d6b8bbb1e028fe77fe8677ef2c0772b518721844_ppc64le" }, "product_reference": "rhacm2/insights-client-rhel8@sha256:321a39f4bb988e5e9c939408d6b8bbb1e028fe77fe8677ef2c0772b518721844_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-client-rhel8@sha256:552124adf595742d3a825333527f832a0550c0ad2c1e696f4deb7f036398ed40_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:552124adf595742d3a825333527f832a0550c0ad2c1e696f4deb7f036398ed40_arm64" }, "product_reference": "rhacm2/insights-client-rhel8@sha256:552124adf595742d3a825333527f832a0550c0ad2c1e696f4deb7f036398ed40_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-client-rhel8@sha256:67a073c946ec93ebc804e0659cef7adeafc2374cd50078213e5fdb9ea0ab39df_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:67a073c946ec93ebc804e0659cef7adeafc2374cd50078213e5fdb9ea0ab39df_amd64" }, "product_reference": "rhacm2/insights-client-rhel8@sha256:67a073c946ec93ebc804e0659cef7adeafc2374cd50078213e5fdb9ea0ab39df_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-client-rhel8@sha256:bc072c76f3859a263c3d16910d35970be75b2e5f38372e8fdaf2d3aafbac56a0_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:bc072c76f3859a263c3d16910d35970be75b2e5f38372e8fdaf2d3aafbac56a0_s390x" }, "product_reference": "rhacm2/insights-client-rhel8@sha256:bc072c76f3859a263c3d16910d35970be75b2e5f38372e8fdaf2d3aafbac56a0_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-metrics-rhel8@sha256:185312f710adba3946767f8a9780d2b34a3d7f3f9817b34474b99cd5208bf7b6_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:185312f710adba3946767f8a9780d2b34a3d7f3f9817b34474b99cd5208bf7b6_arm64" }, "product_reference": "rhacm2/insights-metrics-rhel8@sha256:185312f710adba3946767f8a9780d2b34a3d7f3f9817b34474b99cd5208bf7b6_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-metrics-rhel8@sha256:6ee6966426237d620c6a6c6689c3a9f92402c1dee4705cb211b96fcf3c313206_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:6ee6966426237d620c6a6c6689c3a9f92402c1dee4705cb211b96fcf3c313206_ppc64le" }, "product_reference": "rhacm2/insights-metrics-rhel8@sha256:6ee6966426237d620c6a6c6689c3a9f92402c1dee4705cb211b96fcf3c313206_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-metrics-rhel8@sha256:a3282b636b15d635dd3efc864401745b7b498f1c479f53e3a433fec7911f8394_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:a3282b636b15d635dd3efc864401745b7b498f1c479f53e3a433fec7911f8394_amd64" }, "product_reference": "rhacm2/insights-metrics-rhel8@sha256:a3282b636b15d635dd3efc864401745b7b498f1c479f53e3a433fec7911f8394_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/insights-metrics-rhel8@sha256:ff06b32d082d92e28c1717004064d3c7d86bfd0216397c945c15728a6ee215ef_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:ff06b32d082d92e28c1717004064d3c7d86bfd0216397c945c15728a6ee215ef_s390x" }, "product_reference": "rhacm2/insights-metrics-rhel8@sha256:ff06b32d082d92e28c1717004064d3c7d86bfd0216397c945c15728a6ee215ef_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:504ca7e02b98a87d8ba9133af0edb696f4e678544c0525db88e07493bf453b77_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:504ca7e02b98a87d8ba9133af0edb696f4e678544c0525db88e07493bf453b77_ppc64le" }, "product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:504ca7e02b98a87d8ba9133af0edb696f4e678544c0525db88e07493bf453b77_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7563def4a9aaa7919df519c6d8003e0a7ca809c4a5060de2452f07ba30814b23_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7563def4a9aaa7919df519c6d8003e0a7ca809c4a5060de2452f07ba30814b23_amd64" }, "product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:7563def4a9aaa7919df519c6d8003e0a7ca809c4a5060de2452f07ba30814b23_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:797874e0775333e4a49efccafb02457047626957bdbb1433daf23760971ced06_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:797874e0775333e4a49efccafb02457047626957bdbb1433daf23760971ced06_s390x" }, "product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:797874e0775333e4a49efccafb02457047626957bdbb1433daf23760971ced06_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/klusterlet-addon-controller-rhel8@sha256:ca3e4476b47ec7ee11f0ff337199476e6003acc49a52628a31e658d2e2a57964_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:ca3e4476b47ec7ee11f0ff337199476e6003acc49a52628a31e658d2e2a57964_arm64" }, "product_reference": "rhacm2/klusterlet-addon-controller-rhel8@sha256:ca3e4476b47ec7ee11f0ff337199476e6003acc49a52628a31e658d2e2a57964_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:84512ecf696a455eda78faee46c67d133233cfc83c6cb9c94bac6e48f3a9f18a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:84512ecf696a455eda78faee46c67d133233cfc83c6cb9c94bac6e48f3a9f18a_ppc64le" }, "product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:84512ecf696a455eda78faee46c67d133233cfc83c6cb9c94bac6e48f3a9f18a_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:93e3fd0ed70942cd139f9aa69cb1b554a9f233bcd9dee4ae6677884d1761bdbd_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:93e3fd0ed70942cd139f9aa69cb1b554a9f233bcd9dee4ae6677884d1761bdbd_amd64" }, "product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:93e3fd0ed70942cd139f9aa69cb1b554a9f233bcd9dee4ae6677884d1761bdbd_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:a00401a78d20c87e74af58c3c863b96aac34a5a64d12e5b555ed9afdebee46de_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:a00401a78d20c87e74af58c3c863b96aac34a5a64d12e5b555ed9afdebee46de_arm64" }, "product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:a00401a78d20c87e74af58c3c863b96aac34a5a64d12e5b555ed9afdebee46de_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-rbac-proxy-rhel8@sha256:fd688c4075f922cbe83adcb086ff46a532305254b5afe9a4e47da04834a23a5a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:fd688c4075f922cbe83adcb086ff46a532305254b5afe9a4e47da04834a23a5a_s390x" }, "product_reference": "rhacm2/kube-rbac-proxy-rhel8@sha256:fd688c4075f922cbe83adcb086ff46a532305254b5afe9a4e47da04834a23a5a_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:0b80b5dfafea88c4622f2aab35cbbe9816be4c3f6efc0a95c9038f16a910aa84_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:0b80b5dfafea88c4622f2aab35cbbe9816be4c3f6efc0a95c9038f16a910aa84_amd64" }, "product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:0b80b5dfafea88c4622f2aab35cbbe9816be4c3f6efc0a95c9038f16a910aa84_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:58d091cc31aaaf066a26e313fa6c412e1f871693c55d4baa11637a00ee37cd4b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:58d091cc31aaaf066a26e313fa6c412e1f871693c55d4baa11637a00ee37cd4b_arm64" }, "product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:58d091cc31aaaf066a26e313fa6c412e1f871693c55d4baa11637a00ee37cd4b_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:791c3a0554c9da69b7019389c5fa76db9c1520e90a0d8b308337480817f3497f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:791c3a0554c9da69b7019389c5fa76db9c1520e90a0d8b308337480817f3497f_ppc64le" }, "product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:791c3a0554c9da69b7019389c5fa76db9c1520e90a0d8b308337480817f3497f_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/kube-state-metrics-rhel8@sha256:ef2946f0a6f2d46dd41ddb074dc570ab34eadd1abfc4ed0ef71ab3821c3e5b06_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:ef2946f0a6f2d46dd41ddb074dc570ab34eadd1abfc4ed0ef71ab3821c3e5b06_s390x" }, "product_reference": "rhacm2/kube-state-metrics-rhel8@sha256:ef2946f0a6f2d46dd41ddb074dc570ab34eadd1abfc4ed0ef71ab3821c3e5b06_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/management-ingress-rhel8@sha256:519209c863b2aac1fd7dc8ecb130f73ad122935e166066d1d6405396f00aa434_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:519209c863b2aac1fd7dc8ecb130f73ad122935e166066d1d6405396f00aa434_arm64" }, "product_reference": "rhacm2/management-ingress-rhel8@sha256:519209c863b2aac1fd7dc8ecb130f73ad122935e166066d1d6405396f00aa434_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/management-ingress-rhel8@sha256:58775de0ea7bc5d9ca4545b0c93c0bab71d0c4e0bcc21e86bc6f6e799875ff23_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:58775de0ea7bc5d9ca4545b0c93c0bab71d0c4e0bcc21e86bc6f6e799875ff23_s390x" }, "product_reference": "rhacm2/management-ingress-rhel8@sha256:58775de0ea7bc5d9ca4545b0c93c0bab71d0c4e0bcc21e86bc6f6e799875ff23_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/management-ingress-rhel8@sha256:bd540cc538e2665a17665b07f5053b5b4402319af6959c384b279d152348d26e_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:bd540cc538e2665a17665b07f5053b5b4402319af6959c384b279d152348d26e_ppc64le" }, "product_reference": "rhacm2/management-ingress-rhel8@sha256:bd540cc538e2665a17665b07f5053b5b4402319af6959c384b279d152348d26e_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/management-ingress-rhel8@sha256:f8c4d907139b78e05905be1b1a2005fcf1e1a8f86b811c8434c8d87131704806_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:f8c4d907139b78e05905be1b1a2005fcf1e1a8f86b811c8434c8d87131704806_amd64" }, "product_reference": "rhacm2/management-ingress-rhel8@sha256:f8c4d907139b78e05905be1b1a2005fcf1e1a8f86b811c8434c8d87131704806_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-exporter-rhel8@sha256:15b0ce69868674b0f82ae4baf3590a54e01d9ebcc9dbc793e31f923289f8a975_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:15b0ce69868674b0f82ae4baf3590a54e01d9ebcc9dbc793e31f923289f8a975_s390x" }, "product_reference": "rhacm2/memcached-exporter-rhel8@sha256:15b0ce69868674b0f82ae4baf3590a54e01d9ebcc9dbc793e31f923289f8a975_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-exporter-rhel8@sha256:4178399ac2e7fad92f077b0c33d653aabeddba0c2a52f168e691549ad1cc9726_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:4178399ac2e7fad92f077b0c33d653aabeddba0c2a52f168e691549ad1cc9726_arm64" }, "product_reference": "rhacm2/memcached-exporter-rhel8@sha256:4178399ac2e7fad92f077b0c33d653aabeddba0c2a52f168e691549ad1cc9726_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-exporter-rhel8@sha256:4812b505722334bcb9fda21fcbaa22154d77d045528ed014e6c98b205037aa27_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:4812b505722334bcb9fda21fcbaa22154d77d045528ed014e6c98b205037aa27_ppc64le" }, "product_reference": "rhacm2/memcached-exporter-rhel8@sha256:4812b505722334bcb9fda21fcbaa22154d77d045528ed014e6c98b205037aa27_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-exporter-rhel8@sha256:ff7140ddb5a1fce8c1020c779ff1d5050f019d24f739d4925857ea6d5a4dd79a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:ff7140ddb5a1fce8c1020c779ff1d5050f019d24f739d4925857ea6d5a4dd79a_amd64" }, "product_reference": "rhacm2/memcached-exporter-rhel8@sha256:ff7140ddb5a1fce8c1020c779ff1d5050f019d24f739d4925857ea6d5a4dd79a_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-rhel8@sha256:55869d62acabc78675fb3f926d45f6630f03ff380af76665eb36f3bd1ea17092_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:55869d62acabc78675fb3f926d45f6630f03ff380af76665eb36f3bd1ea17092_ppc64le" }, "product_reference": "rhacm2/memcached-rhel8@sha256:55869d62acabc78675fb3f926d45f6630f03ff380af76665eb36f3bd1ea17092_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-rhel8@sha256:73d392672b8d9a1a2df91e47294f688d6747ff1ae5e9b8246b5cb58ca0c7f176_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:73d392672b8d9a1a2df91e47294f688d6747ff1ae5e9b8246b5cb58ca0c7f176_arm64" }, "product_reference": "rhacm2/memcached-rhel8@sha256:73d392672b8d9a1a2df91e47294f688d6747ff1ae5e9b8246b5cb58ca0c7f176_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-rhel8@sha256:f354c65db51cbe4085d9ea8b0c8154ab50ace724373600aa2ef2da17ef32a4ab_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:f354c65db51cbe4085d9ea8b0c8154ab50ace724373600aa2ef2da17ef32a4ab_amd64" }, "product_reference": "rhacm2/memcached-rhel8@sha256:f354c65db51cbe4085d9ea8b0c8154ab50ace724373600aa2ef2da17ef32a4ab_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/memcached-rhel8@sha256:fd666a970e27a34561fc0ec031d86f2e7f453e3865e68289dc5b592387dcad70_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:fd666a970e27a34561fc0ec031d86f2e7f453e3865e68289dc5b592387dcad70_s390x" }, "product_reference": "rhacm2/memcached-rhel8@sha256:fd666a970e27a34561fc0ec031d86f2e7f453e3865e68289dc5b592387dcad70_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:3873c526806dd32fe77619f276daf32444897abb706557cc63aaf6ab17e89e49_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:3873c526806dd32fe77619f276daf32444897abb706557cc63aaf6ab17e89e49_arm64" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:3873c526806dd32fe77619f276daf32444897abb706557cc63aaf6ab17e89e49_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:39501eeb312f7b4a13a0fc0420e4f06af944f7c81688e3a9430975e8579d4a20_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:39501eeb312f7b4a13a0fc0420e4f06af944f7c81688e3a9430975e8579d4a20_amd64" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:39501eeb312f7b4a13a0fc0420e4f06af944f7c81688e3a9430975e8579d4a20_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:dc64483b0208b0a1cc1fbc463364f58ac7aab2eaa259c4f4e8e78ccaf89d2998_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:dc64483b0208b0a1cc1fbc463364f58ac7aab2eaa259c4f4e8e78ccaf89d2998_s390x" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:dc64483b0208b0a1cc1fbc463364f58ac7aab2eaa259c4f4e8e78ccaf89d2998_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/metrics-collector-rhel8@sha256:dff76ab0cc28c3c4e7e588a421514e0c9041c50eb17071fdd9b1939015ed2ff0_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:dff76ab0cc28c3c4e7e588a421514e0c9041c50eb17071fdd9b1939015ed2ff0_ppc64le" }, "product_reference": "rhacm2/metrics-collector-rhel8@sha256:dff76ab0cc28c3c4e7e588a421514e0c9041c50eb17071fdd9b1939015ed2ff0_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:2cac0b4e4c1093a726dde6fdc59cb2023dde20a7ca62f6ab7644953f4b02daa4_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:2cac0b4e4c1093a726dde6fdc59cb2023dde20a7ca62f6ab7644953f4b02daa4_ppc64le" }, "product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:2cac0b4e4c1093a726dde6fdc59cb2023dde20a7ca62f6ab7644953f4b02daa4_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:979e3786edd600e094a69d279701a42f6330b000957fd8ea4a12c85cbff04df2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:979e3786edd600e094a69d279701a42f6330b000957fd8ea4a12c85cbff04df2_amd64" }, "product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:979e3786edd600e094a69d279701a42f6330b000957fd8ea4a12c85cbff04df2_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:bb4fda4fdce6dcf70c3aae9c8d3ab9cf0c8c37c148558b9cf66872045dc3a1dd_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:bb4fda4fdce6dcf70c3aae9c8d3ab9cf0c8c37c148558b9cf66872045dc3a1dd_s390x" }, "product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:bb4fda4fdce6dcf70c3aae9c8d3ab9cf0c8c37c148558b9cf66872045dc3a1dd_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicloud-integrations-rhel8@sha256:c80b686c8b6c445142f11eae2e67b9159bd86bd68f3b979276854909459ddec6_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:c80b686c8b6c445142f11eae2e67b9159bd86bd68f3b979276854909459ddec6_arm64" }, "product_reference": "rhacm2/multicloud-integrations-rhel8@sha256:c80b686c8b6c445142f11eae2e67b9159bd86bd68f3b979276854909459ddec6_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:24ee2dbc8f1a72b95ef5f2d2ff8ee64fdbb99c34691eee2280536b5b19f2de91_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:24ee2dbc8f1a72b95ef5f2d2ff8ee64fdbb99c34691eee2280536b5b19f2de91_ppc64le" }, "product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:24ee2dbc8f1a72b95ef5f2d2ff8ee64fdbb99c34691eee2280536b5b19f2de91_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:2e8cc1abec346c56921e6962b5117d40b2d5e60474297134ea112c2111b1255c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:2e8cc1abec346c56921e6962b5117d40b2d5e60474297134ea112c2111b1255c_arm64" }, "product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:2e8cc1abec346c56921e6962b5117d40b2d5e60474297134ea112c2111b1255c_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:9ff85e41b931a9856f0ff290f6cbfd461bc7fd3dfc36b40c656273a36c81cadd_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:9ff85e41b931a9856f0ff290f6cbfd461bc7fd3dfc36b40c656273a36c81cadd_s390x" }, "product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:9ff85e41b931a9856f0ff290f6cbfd461bc7fd3dfc36b40c656273a36c81cadd_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-observability-rhel8-operator@sha256:b329b846f30a02dc12a9af1006b32eae111fb9954dcf5ab4dd01142c73768291_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:b329b846f30a02dc12a9af1006b32eae111fb9954dcf5ab4dd01142c73768291_amd64" }, "product_reference": "rhacm2/multicluster-observability-rhel8-operator@sha256:b329b846f30a02dc12a9af1006b32eae111fb9954dcf5ab4dd01142c73768291_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:3a2ff6f8f3df7f191fd9b4c3f11109b26d69498f40ab80107de46363abd2336f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:3a2ff6f8f3df7f191fd9b4c3f11109b26d69498f40ab80107de46363abd2336f_arm64" }, "product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:3a2ff6f8f3df7f191fd9b4c3f11109b26d69498f40ab80107de46363abd2336f_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:c113b3f518ed735c27ec6ff124b1737fd15bb34cb387cfca2ba3215bf09f5d7f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:c113b3f518ed735c27ec6ff124b1737fd15bb34cb387cfca2ba3215bf09f5d7f_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:c113b3f518ed735c27ec6ff124b1737fd15bb34cb387cfca2ba3215bf09f5d7f_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:ec13dbcfaa27524e0b93f744643dcb5c8f425246c3270cc6af038aa0efb8145f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:ec13dbcfaa27524e0b93f744643dcb5c8f425246c3270cc6af038aa0efb8145f_amd64" }, "product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:ec13dbcfaa27524e0b93f744643dcb5c8f425246c3270cc6af038aa0efb8145f_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-application-rhel8@sha256:f25f468c8bf12bef03b9d38400da0b11a97360afb1b163571e32f8c66509d723_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:f25f468c8bf12bef03b9d38400da0b11a97360afb1b163571e32f8c66509d723_s390x" }, "product_reference": "rhacm2/multicluster-operators-application-rhel8@sha256:f25f468c8bf12bef03b9d38400da0b11a97360afb1b163571e32f8c66509d723_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:88327afd50a1735b903d5fb9dc8c5f12c1367dd2293bf64708002890f52741a0_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:88327afd50a1735b903d5fb9dc8c5f12c1367dd2293bf64708002890f52741a0_s390x" }, "product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:88327afd50a1735b903d5fb9dc8c5f12c1367dd2293bf64708002890f52741a0_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:911a0452186303c9b3f82a4d964fdfe31422f84657173a6f272f67bf80e16871_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:911a0452186303c9b3f82a4d964fdfe31422f84657173a6f272f67bf80e16871_amd64" }, "product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:911a0452186303c9b3f82a4d964fdfe31422f84657173a6f272f67bf80e16871_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:b511716b38f4b9e4b29ff8a6878823dabc908de452707623c186f16688603fe4_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:b511716b38f4b9e4b29ff8a6878823dabc908de452707623c186f16688603fe4_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:b511716b38f4b9e4b29ff8a6878823dabc908de452707623c186f16688603fe4_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-channel-rhel8@sha256:f9f36b945a7929f50993dc1196fa8f8027228fc113d3cdc3016ff8d9b28ce17f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:f9f36b945a7929f50993dc1196fa8f8027228fc113d3cdc3016ff8d9b28ce17f_arm64" }, "product_reference": "rhacm2/multicluster-operators-channel-rhel8@sha256:f9f36b945a7929f50993dc1196fa8f8027228fc113d3cdc3016ff8d9b28ce17f_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1142ea372b1546c788283767025a0e93caf4879081db2fee0e3d477a42d53b71_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:1142ea372b1546c788283767025a0e93caf4879081db2fee0e3d477a42d53b71_ppc64le" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:1142ea372b1546c788283767025a0e93caf4879081db2fee0e3d477a42d53b71_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:841da85404d50361fbf25c135ebf40cc86abb853031dd36bfa0ccd0d811d9fd4_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:841da85404d50361fbf25c135ebf40cc86abb853031dd36bfa0ccd0d811d9fd4_s390x" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:841da85404d50361fbf25c135ebf40cc86abb853031dd36bfa0ccd0d811d9fd4_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:b37c5a10ed9642eea4400436375483dbc526ce9e3f1207327df3ff4e9d260fd1_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:b37c5a10ed9642eea4400436375483dbc526ce9e3f1207327df3ff4e9d260fd1_arm64" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:b37c5a10ed9642eea4400436375483dbc526ce9e3f1207327df3ff4e9d260fd1_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multicluster-operators-subscription-rhel8@sha256:e83389b09ed8acbe2785767709cefbe14e03030e7480a31b0ee088e82093e297_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:e83389b09ed8acbe2785767709cefbe14e03030e7480a31b0ee088e82093e297_amd64" }, "product_reference": "rhacm2/multicluster-operators-subscription-rhel8@sha256:e83389b09ed8acbe2785767709cefbe14e03030e7480a31b0ee088e82093e297_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:5ccf00aa7a2af38f1521e8738a0c727a564723a0f5bead3f0a57c219b79b4590_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:5ccf00aa7a2af38f1521e8738a0c727a564723a0f5bead3f0a57c219b79b4590_s390x" }, "product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:5ccf00aa7a2af38f1521e8738a0c727a564723a0f5bead3f0a57c219b79b4590_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:a11c532fe076f1ad0b430cc2e2a66a31f046d49d03057ba0ee9e22dd73655e11_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:a11c532fe076f1ad0b430cc2e2a66a31f046d49d03057ba0ee9e22dd73655e11_arm64" }, "product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:a11c532fe076f1ad0b430cc2e2a66a31f046d49d03057ba0ee9e22dd73655e11_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:b4ec8064135b8a0a37c4d9190e6a39429140243f9e7a97d4d82e4e0ae349aa71_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:b4ec8064135b8a0a37c4d9190e6a39429140243f9e7a97d4d82e4e0ae349aa71_amd64" }, "product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:b4ec8064135b8a0a37c4d9190e6a39429140243f9e7a97d4d82e4e0ae349aa71_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-repo-rhel8@sha256:d25bc23a7446ebc266cc759cd23cefe2909e6f7f26b346af29d5eeee59588eea_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:d25bc23a7446ebc266cc759cd23cefe2909e6f7f26b346af29d5eeee59588eea_ppc64le" }, "product_reference": "rhacm2/multiclusterhub-repo-rhel8@sha256:d25bc23a7446ebc266cc759cd23cefe2909e6f7f26b346af29d5eeee59588eea_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-rhel8@sha256:04bffd7c3d708ecdfb9f750dc571242ecb575760b2dc032a89d6b90d996f9298_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:04bffd7c3d708ecdfb9f750dc571242ecb575760b2dc032a89d6b90d996f9298_amd64" }, "product_reference": "rhacm2/multiclusterhub-rhel8@sha256:04bffd7c3d708ecdfb9f750dc571242ecb575760b2dc032a89d6b90d996f9298_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-rhel8@sha256:1113003b61001b92cd12e58b67e7f8e8ef48e7135d35cdc76cf50a27287844c3_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:1113003b61001b92cd12e58b67e7f8e8ef48e7135d35cdc76cf50a27287844c3_arm64" }, "product_reference": "rhacm2/multiclusterhub-rhel8@sha256:1113003b61001b92cd12e58b67e7f8e8ef48e7135d35cdc76cf50a27287844c3_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-rhel8@sha256:5f973fe1f74245e35a674c00e60f32d23dcc0871f1546f04cc754c5393b0ec53_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:5f973fe1f74245e35a674c00e60f32d23dcc0871f1546f04cc754c5393b0ec53_ppc64le" }, "product_reference": "rhacm2/multiclusterhub-rhel8@sha256:5f973fe1f74245e35a674c00e60f32d23dcc0871f1546f04cc754c5393b0ec53_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/multiclusterhub-rhel8@sha256:6872989663e4716682420fbbb47e73bf259d1eea70d649bebb29b317ef36916a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:6872989663e4716682420fbbb47e73bf259d1eea70d649bebb29b317ef36916a_s390x" }, "product_reference": "rhacm2/multiclusterhub-rhel8@sha256:6872989663e4716682420fbbb47e73bf259d1eea70d649bebb29b317ef36916a_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/node-exporter-rhel8@sha256:1652bcd9320bf9e383e5e991f7abe47a3085cbfb6e15bbcc19685c6975c2a4cb_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:1652bcd9320bf9e383e5e991f7abe47a3085cbfb6e15bbcc19685c6975c2a4cb_ppc64le" }, "product_reference": "rhacm2/node-exporter-rhel8@sha256:1652bcd9320bf9e383e5e991f7abe47a3085cbfb6e15bbcc19685c6975c2a4cb_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/node-exporter-rhel8@sha256:8d9f9e38e1867643b8e57443e97a5d7772a8a2adf547b5f0c5a259dc49916417_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:8d9f9e38e1867643b8e57443e97a5d7772a8a2adf547b5f0c5a259dc49916417_s390x" }, "product_reference": "rhacm2/node-exporter-rhel8@sha256:8d9f9e38e1867643b8e57443e97a5d7772a8a2adf547b5f0c5a259dc49916417_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/node-exporter-rhel8@sha256:9bd622d81286a07c025a9dce55ca1139e4b93cae830dfe347d57ad368751e43e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:9bd622d81286a07c025a9dce55ca1139e4b93cae830dfe347d57ad368751e43e_amd64" }, "product_reference": "rhacm2/node-exporter-rhel8@sha256:9bd622d81286a07c025a9dce55ca1139e4b93cae830dfe347d57ad368751e43e_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/node-exporter-rhel8@sha256:c7e08cb097dbed71c5177b4cccd44a228c5ec85061b02940e582c58f4b84ff79_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:c7e08cb097dbed71c5177b4cccd44a228c5ec85061b02940e582c58f4b84ff79_arm64" }, "product_reference": "rhacm2/node-exporter-rhel8@sha256:c7e08cb097dbed71c5177b4cccd44a228c5ec85061b02940e582c58f4b84ff79_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8-operator@sha256:3a96c1d964c7c5f39da73a2f846ad58311c0531f20789f48e229211139255200_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:3a96c1d964c7c5f39da73a2f846ad58311c0531f20789f48e229211139255200_s390x" }, "product_reference": "rhacm2/observatorium-rhel8-operator@sha256:3a96c1d964c7c5f39da73a2f846ad58311c0531f20789f48e229211139255200_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8-operator@sha256:40f0c0d4707cb3f6acbab593f917267af1cd7de322b382a2ddf442149c3e613c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:40f0c0d4707cb3f6acbab593f917267af1cd7de322b382a2ddf442149c3e613c_ppc64le" }, "product_reference": "rhacm2/observatorium-rhel8-operator@sha256:40f0c0d4707cb3f6acbab593f917267af1cd7de322b382a2ddf442149c3e613c_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8-operator@sha256:642e765685e1d1ee7cd69a9d5230c2dc821ee71f7346135c992b25fdab278d03_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:642e765685e1d1ee7cd69a9d5230c2dc821ee71f7346135c992b25fdab278d03_amd64" }, "product_reference": "rhacm2/observatorium-rhel8-operator@sha256:642e765685e1d1ee7cd69a9d5230c2dc821ee71f7346135c992b25fdab278d03_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8-operator@sha256:a05ef9733ca94354872cb346241bb754e45f72bd33af80fa5d336dac6f041dd0_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:a05ef9733ca94354872cb346241bb754e45f72bd33af80fa5d336dac6f041dd0_arm64" }, "product_reference": "rhacm2/observatorium-rhel8-operator@sha256:a05ef9733ca94354872cb346241bb754e45f72bd33af80fa5d336dac6f041dd0_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8@sha256:2371688381650d6dd6a6800a2740df1d28f70c1eea8046ae2948f321c3e0e5e8_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:2371688381650d6dd6a6800a2740df1d28f70c1eea8046ae2948f321c3e0e5e8_ppc64le" }, "product_reference": "rhacm2/observatorium-rhel8@sha256:2371688381650d6dd6a6800a2740df1d28f70c1eea8046ae2948f321c3e0e5e8_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8@sha256:a51c789ed04a4c127c017625883041acd522831e885637071d41bfe3eebbcb34_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:a51c789ed04a4c127c017625883041acd522831e885637071d41bfe3eebbcb34_amd64" }, "product_reference": "rhacm2/observatorium-rhel8@sha256:a51c789ed04a4c127c017625883041acd522831e885637071d41bfe3eebbcb34_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8@sha256:d3b7f453143d6702fd4b917f21c5a9297d0f7de52a1ccf39e5c1569724142d8f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:d3b7f453143d6702fd4b917f21c5a9297d0f7de52a1ccf39e5c1569724142d8f_arm64" }, "product_reference": "rhacm2/observatorium-rhel8@sha256:d3b7f453143d6702fd4b917f21c5a9297d0f7de52a1ccf39e5c1569724142d8f_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/observatorium-rhel8@sha256:ee861a555f0d02bf7aabc3e20704f865610c0f4f50a14a5a525b2e97d166870a_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:ee861a555f0d02bf7aabc3e20704f865610c0f4f50a14a5a525b2e97d166870a_s390x" }, "product_reference": "rhacm2/observatorium-rhel8@sha256:ee861a555f0d02bf7aabc3e20704f865610c0f4f50a14a5a525b2e97d166870a_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:35d1eac6227a8a164d84926bc7229f33b6717dee1e94585216ab2b04d5d527a1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:35d1eac6227a8a164d84926bc7229f33b6717dee1e94585216ab2b04d5d527a1_ppc64le" }, "product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:35d1eac6227a8a164d84926bc7229f33b6717dee1e94585216ab2b04d5d527a1_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:b2675cddc1075d884c8241ea3c57991cd6bd80e810f0581a0a637f39664be44d_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:b2675cddc1075d884c8241ea3c57991cd6bd80e810f0581a0a637f39664be44d_s390x" }, "product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:b2675cddc1075d884c8241ea3c57991cd6bd80e810f0581a0a637f39664be44d_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:d6b0e86f29dab6d89f6fa11c0784ff14cb1006760a16bee26336197f0cfae87a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:d6b0e86f29dab6d89f6fa11c0784ff14cb1006760a16bee26336197f0cfae87a_amd64" }, "product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:d6b0e86f29dab6d89f6fa11c0784ff14cb1006760a16bee26336197f0cfae87a_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-alertmanager-rhel8@sha256:dd2b23d192fa9271eb45655959e8d001e6d3d2c6d08315a475d538ad65f1df3a_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:dd2b23d192fa9271eb45655959e8d001e6d3d2c6d08315a475d538ad65f1df3a_arm64" }, "product_reference": "rhacm2/prometheus-alertmanager-rhel8@sha256:dd2b23d192fa9271eb45655959e8d001e6d3d2c6d08315a475d538ad65f1df3a_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-rhel8@sha256:0e323da0373223f3d74b6f605b407a6b186ff2d2da4cf6f5110cdf915ebf921c_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:0e323da0373223f3d74b6f605b407a6b186ff2d2da4cf6f5110cdf915ebf921c_ppc64le" }, "product_reference": "rhacm2/prometheus-rhel8@sha256:0e323da0373223f3d74b6f605b407a6b186ff2d2da4cf6f5110cdf915ebf921c_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-rhel8@sha256:4780b0e407922afcff9fc07f5e6244c2b8b5c753bbb76fd0f447f272f18850f5_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:4780b0e407922afcff9fc07f5e6244c2b8b5c753bbb76fd0f447f272f18850f5_arm64" }, "product_reference": "rhacm2/prometheus-rhel8@sha256:4780b0e407922afcff9fc07f5e6244c2b8b5c753bbb76fd0f447f272f18850f5_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-rhel8@sha256:7af598478e682a5e71ba687b6ff18410ef60702b4fa1d91ab27e9f639fc526e8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:7af598478e682a5e71ba687b6ff18410ef60702b4fa1d91ab27e9f639fc526e8_amd64" }, "product_reference": "rhacm2/prometheus-rhel8@sha256:7af598478e682a5e71ba687b6ff18410ef60702b4fa1d91ab27e9f639fc526e8_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/prometheus-rhel8@sha256:8e970b2b36adb7ab6c477c7d6f03319ea6e4f294cd3a795fe3c71bdbaffe6116_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:8e970b2b36adb7ab6c477c7d6f03319ea6e4f294cd3a795fe3c71bdbaffe6116_s390x" }, "product_reference": "rhacm2/prometheus-rhel8@sha256:8e970b2b36adb7ab6c477c7d6f03319ea6e4f294cd3a795fe3c71bdbaffe6116_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:037f32bcb75c53c2ca3df761d42c8ac2c409c21cd52fb0f82b16a558cb465860_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:037f32bcb75c53c2ca3df761d42c8ac2c409c21cd52fb0f82b16a558cb465860_ppc64le" }, "product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:037f32bcb75c53c2ca3df761d42c8ac2c409c21cd52fb0f82b16a558cb465860_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:1b8c16923b7916824baf9b02d5b9654b36c57518051c42f909d8a3078d0dcb4f_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:1b8c16923b7916824baf9b02d5b9654b36c57518051c42f909d8a3078d0dcb4f_arm64" }, "product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:1b8c16923b7916824baf9b02d5b9654b36c57518051c42f909d8a3078d0dcb4f_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:2ed5806d7fa79c6a66ac58a18d7d1965a93f5014601aa47d7c17ab702074f7e7_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:2ed5806d7fa79c6a66ac58a18d7d1965a93f5014601aa47d7c17ab702074f7e7_s390x" }, "product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:2ed5806d7fa79c6a66ac58a18d7d1965a93f5014601aa47d7c17ab702074f7e7_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/rbac-query-proxy-rhel8@sha256:e8ff466a5a96124a426bcbbd333dbe8e24413f379a03852a3d46f2bf80ec895d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:e8ff466a5a96124a426bcbbd333dbe8e24413f379a03852a3d46f2bf80ec895d_amd64" }, "product_reference": "rhacm2/rbac-query-proxy-rhel8@sha256:e8ff466a5a96124a426bcbbd333dbe8e24413f379a03852a3d46f2bf80ec895d_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:b7de40c100bb2398625d0c82bfacc95fa48aabbd9bf8b5f6392a4472859cbc32_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:b7de40c100bb2398625d0c82bfacc95fa48aabbd9bf8b5f6392a4472859cbc32_amd64" }, "product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:b7de40c100bb2398625d0c82bfacc95fa48aabbd9bf8b5f6392a4472859cbc32_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:ca4cd77e3facd5539bd81fd48fe9336221e80ba291c0f833ffd83f0eaf11e07a_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:ca4cd77e3facd5539bd81fd48fe9336221e80ba291c0f833ffd83f0eaf11e07a_ppc64le" }, "product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:ca4cd77e3facd5539bd81fd48fe9336221e80ba291c0f833ffd83f0eaf11e07a_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:e855417861657cedde18cfc2f66c45b63824c37b4de0f9fc3f25f4ed67dbc36a_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:e855417861657cedde18cfc2f66c45b63824c37b4de0f9fc3f25f4ed67dbc36a_arm64" }, "product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:e855417861657cedde18cfc2f66c45b63824c37b4de0f9fc3f25f4ed67dbc36a_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/redisgraph-tls-rhel8@sha256:e92a956984d1cf5aa52e10385ab5bc2e311c417e1e0c2f78164acb7eebdb5736_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:e92a956984d1cf5aa52e10385ab5bc2e311c417e1e0c2f78164acb7eebdb5736_s390x" }, "product_reference": "rhacm2/redisgraph-tls-rhel8@sha256:e92a956984d1cf5aa52e10385ab5bc2e311c417e1e0c2f78164acb7eebdb5736_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-aggregator-rhel8@sha256:a9f793576637ced1ebe38ca9ac21755f042db908728146ef329fccf93811ce45_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:a9f793576637ced1ebe38ca9ac21755f042db908728146ef329fccf93811ce45_ppc64le" }, "product_reference": "rhacm2/search-aggregator-rhel8@sha256:a9f793576637ced1ebe38ca9ac21755f042db908728146ef329fccf93811ce45_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-aggregator-rhel8@sha256:bf33628423223c08e8814e98e2e91dbc8ed1744b834df66d8d296873be92215c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:bf33628423223c08e8814e98e2e91dbc8ed1744b834df66d8d296873be92215c_arm64" }, "product_reference": "rhacm2/search-aggregator-rhel8@sha256:bf33628423223c08e8814e98e2e91dbc8ed1744b834df66d8d296873be92215c_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-aggregator-rhel8@sha256:d0661fcd6a08c6526494d24e3351ffb70957ef5b82b9ae7e3a990c9b5051d5cc_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0661fcd6a08c6526494d24e3351ffb70957ef5b82b9ae7e3a990c9b5051d5cc_amd64" }, "product_reference": "rhacm2/search-aggregator-rhel8@sha256:d0661fcd6a08c6526494d24e3351ffb70957ef5b82b9ae7e3a990c9b5051d5cc_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-aggregator-rhel8@sha256:fd9b1ce2754afa36b13afcfd1f858d8349e7ce8da772581000f6d4cf022fa6a9_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:fd9b1ce2754afa36b13afcfd1f858d8349e7ce8da772581000f6d4cf022fa6a9_s390x" }, "product_reference": "rhacm2/search-aggregator-rhel8@sha256:fd9b1ce2754afa36b13afcfd1f858d8349e7ce8da772581000f6d4cf022fa6a9_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-api-rhel8@sha256:2d28b16b252edf0bd1e1ec3f820d155d1aff4a7a716f5443125fba72e6a63ac1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:2d28b16b252edf0bd1e1ec3f820d155d1aff4a7a716f5443125fba72e6a63ac1_ppc64le" }, "product_reference": "rhacm2/search-api-rhel8@sha256:2d28b16b252edf0bd1e1ec3f820d155d1aff4a7a716f5443125fba72e6a63ac1_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-api-rhel8@sha256:3ad1262ba07c5b5aa31a207b1653e19f7faacc4cb303d2b5a0763d10eb93e849_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:3ad1262ba07c5b5aa31a207b1653e19f7faacc4cb303d2b5a0763d10eb93e849_amd64" }, "product_reference": "rhacm2/search-api-rhel8@sha256:3ad1262ba07c5b5aa31a207b1653e19f7faacc4cb303d2b5a0763d10eb93e849_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-api-rhel8@sha256:f1837082f8b4f9f7eae400a787caf3d5b96d350a34adfc018af912f271d63743_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:f1837082f8b4f9f7eae400a787caf3d5b96d350a34adfc018af912f271d63743_s390x" }, "product_reference": "rhacm2/search-api-rhel8@sha256:f1837082f8b4f9f7eae400a787caf3d5b96d350a34adfc018af912f271d63743_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-api-rhel8@sha256:f7846422fdec5bf9401a3fb87698477eaa059229570396fcd585cc46253b2079_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:f7846422fdec5bf9401a3fb87698477eaa059229570396fcd585cc46253b2079_arm64" }, "product_reference": "rhacm2/search-api-rhel8@sha256:f7846422fdec5bf9401a3fb87698477eaa059229570396fcd585cc46253b2079_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:5a08a50c990ed4417d8f9f9841ee1de19634af2172a1f98b8fde1bb92fccefb0_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:5a08a50c990ed4417d8f9f9841ee1de19634af2172a1f98b8fde1bb92fccefb0_ppc64le" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:5a08a50c990ed4417d8f9f9841ee1de19634af2172a1f98b8fde1bb92fccefb0_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:63f6abf2d72b042858ad4980b027ae6f17ad6435b43e3f6c8546c74ffaf3a6f8_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:63f6abf2d72b042858ad4980b027ae6f17ad6435b43e3f6c8546c74ffaf3a6f8_arm64" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:63f6abf2d72b042858ad4980b027ae6f17ad6435b43e3f6c8546c74ffaf3a6f8_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:9446ac9d281170357d985a104a2fa073b3a569ee09a955a16e14612d685fef5e_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:9446ac9d281170357d985a104a2fa073b3a569ee09a955a16e14612d685fef5e_amd64" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:9446ac9d281170357d985a104a2fa073b3a569ee09a955a16e14612d685fef5e_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-collector-rhel8@sha256:a42328709ffb7f22214f7f0b6de4974b5d995124e88607d3d3375fa78ba801e2_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:a42328709ffb7f22214f7f0b6de4974b5d995124e88607d3d3375fa78ba801e2_s390x" }, "product_reference": "rhacm2/search-collector-rhel8@sha256:a42328709ffb7f22214f7f0b6de4974b5d995124e88607d3d3375fa78ba801e2_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-rhel8@sha256:128557c1c210c5fbd1d4a4fadac47332543701fed122ba74d4d2dfd2a073af9e_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:128557c1c210c5fbd1d4a4fadac47332543701fed122ba74d4d2dfd2a073af9e_arm64" }, "product_reference": "rhacm2/search-rhel8@sha256:128557c1c210c5fbd1d4a4fadac47332543701fed122ba74d4d2dfd2a073af9e_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-rhel8@sha256:8235a36f2220a68809f0babae52f80792e6ad0e16f721f7129f11e96cf3b2bd9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:8235a36f2220a68809f0babae52f80792e6ad0e16f721f7129f11e96cf3b2bd9_amd64" }, "product_reference": "rhacm2/search-rhel8@sha256:8235a36f2220a68809f0babae52f80792e6ad0e16f721f7129f11e96cf3b2bd9_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-rhel8@sha256:cec39662240316282583d53b06957dd53eae71fe9ee9176619a9501d5fe52e18_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:cec39662240316282583d53b06957dd53eae71fe9ee9176619a9501d5fe52e18_ppc64le" }, "product_reference": "rhacm2/search-rhel8@sha256:cec39662240316282583d53b06957dd53eae71fe9ee9176619a9501d5fe52e18_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/search-rhel8@sha256:fd44c058a007d51f81da06eb05c3e40222989b51a3b42f2c5d4348e688bebd12_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:fd44c058a007d51f81da06eb05c3e40222989b51a3b42f2c5d4348e688bebd12_s390x" }, "product_reference": "rhacm2/search-rhel8@sha256:fd44c058a007d51f81da06eb05c3e40222989b51a3b42f2c5d4348e688bebd12_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/submariner-addon-rhel8@sha256:2d645d3f46e9613f9007a8e640b48249708bd583e1f8119828ff7b6f03942c09_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:2d645d3f46e9613f9007a8e640b48249708bd583e1f8119828ff7b6f03942c09_amd64" }, "product_reference": "rhacm2/submariner-addon-rhel8@sha256:2d645d3f46e9613f9007a8e640b48249708bd583e1f8119828ff7b6f03942c09_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/submariner-addon-rhel8@sha256:48409b1f123491da843395bd3dcaa53798134243ec3c36f9236936e9f24f4b45_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:48409b1f123491da843395bd3dcaa53798134243ec3c36f9236936e9f24f4b45_arm64" }, "product_reference": "rhacm2/submariner-addon-rhel8@sha256:48409b1f123491da843395bd3dcaa53798134243ec3c36f9236936e9f24f4b45_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/submariner-addon-rhel8@sha256:6e89d7a3e6bf3c28253dd95cf29574d8c4f4719025ce5f80834f08327d106a34_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:6e89d7a3e6bf3c28253dd95cf29574d8c4f4719025ce5f80834f08327d106a34_s390x" }, "product_reference": "rhacm2/submariner-addon-rhel8@sha256:6e89d7a3e6bf3c28253dd95cf29574d8c4f4719025ce5f80834f08327d106a34_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/submariner-addon-rhel8@sha256:81c01dc11be9f1392d08fc73d851a7ec9eacf231996abf16c8a72d8e236cabd9_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:81c01dc11be9f1392d08fc73d851a7ec9eacf231996abf16c8a72d8e236cabd9_ppc64le" }, "product_reference": "rhacm2/submariner-addon-rhel8@sha256:81c01dc11be9f1392d08fc73d851a7ec9eacf231996abf16c8a72d8e236cabd9_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:0d003ef4b01caf461125e4bdb33400e8bef1544caa6489f5ded4d52481401939_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:0d003ef4b01caf461125e4bdb33400e8bef1544caa6489f5ded4d52481401939_arm64" }, "product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:0d003ef4b01caf461125e4bdb33400e8bef1544caa6489f5ded4d52481401939_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:3fafe8b059919821ba8ee3a84707a42dcf8b468cbaf6af648a38f0738d633895_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:3fafe8b059919821ba8ee3a84707a42dcf8b468cbaf6af648a38f0738d633895_amd64" }, "product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:3fafe8b059919821ba8ee3a84707a42dcf8b468cbaf6af648a38f0738d633895_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:443395da4ffb74c7a7da0e8d564a57b494c46229be0a2c4b5a4087f153e63245_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:443395da4ffb74c7a7da0e8d564a57b494c46229be0a2c4b5a4087f153e63245_s390x" }, "product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:443395da4ffb74c7a7da0e8d564a57b494c46229be0a2c4b5a4087f153e63245_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-receive-controller-rhel8@sha256:784ca9b2ee4f24802a3287a20dae0b8837b39ac253fcec1f8e0327ca2c2b8e43_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:784ca9b2ee4f24802a3287a20dae0b8837b39ac253fcec1f8e0327ca2c2b8e43_ppc64le" }, "product_reference": "rhacm2/thanos-receive-controller-rhel8@sha256:784ca9b2ee4f24802a3287a20dae0b8837b39ac253fcec1f8e0327ca2c2b8e43_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-rhel8@sha256:80041d399a8f8235338af770656f5d8ddf131f8434f4869ebd95e0d3d9e50594_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:80041d399a8f8235338af770656f5d8ddf131f8434f4869ebd95e0d3d9e50594_ppc64le" }, "product_reference": "rhacm2/thanos-rhel8@sha256:80041d399a8f8235338af770656f5d8ddf131f8434f4869ebd95e0d3d9e50594_ppc64le", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-rhel8@sha256:c00bddf4726f69dd95b582de5a2ab5901c83176ba39b9d0232d274755b222cd1_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:c00bddf4726f69dd95b582de5a2ab5901c83176ba39b9d0232d274755b222cd1_amd64" }, "product_reference": "rhacm2/thanos-rhel8@sha256:c00bddf4726f69dd95b582de5a2ab5901c83176ba39b9d0232d274755b222cd1_amd64", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-rhel8@sha256:ec6a6a410dc9fa64060cbc030c22ce8eb2df057f2dbcf38f39a830cc03c79152_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:ec6a6a410dc9fa64060cbc030c22ce8eb2df057f2dbcf38f39a830cc03c79152_s390x" }, "product_reference": "rhacm2/thanos-rhel8@sha256:ec6a6a410dc9fa64060cbc030c22ce8eb2df057f2dbcf38f39a830cc03c79152_s390x", "relates_to_product_reference": "8Base-RHACM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "rhacm2/thanos-rhel8@sha256:f617a890dd4d7b2fdce173f70f0901236f488197ebde036935aab26c3f8b23ff_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.6 for RHEL 8", "product_id": "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:f617a890dd4d7b2fdce173f70f0901236f488197ebde036935aab26c3f8b23ff_arm64" }, "product_reference": "rhacm2/thanos-rhel8@sha256:f617a890dd4d7b2fdce173f70f0901236f488197ebde036935aab26c3f8b23ff_arm64", "relates_to_product_reference": "8Base-RHACM-2.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:016f483a5e59153e14800c37d7e16da2fd074dcb84e0db61521c209d148e4fd3_s390x", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:0e83b7308b7f8efd0dd4c482d301231ea81744a9c243efddb57714f687625bb7_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:61130d76a9adf8c0aa14c46e56f5e7b1b588a186903e0559ed2139a6e6f70c86_amd64", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:805edfdb835ecd74495c3303651f536e5402e90b8fb1d3b8e205847fb93465e5_arm64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:899cb767f3e31ec536ca9d48930b1eaabb4907e6ec65d99fe0b9e186d0df6ca2_s390x", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:bc40aa848bbbebd35833e69b8011db918de5c3abf5954dd5d4166a01a486a74f_arm64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:bfe9b7bcf0625e885e052caf23a310702173a669620b32f071f83dea7b13991d_amd64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:f082c0cdabf220570bc3bdf145c66fefe39d31cbb988da962a3262d0264777e6_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:10508327d7bc352c8e15a4876f5b2703c7be468d2cca14172f2dee077ee49bb8_arm64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:4ede1e02b3574cc788867b443a745dcc75d35abad1b53f24159c5bd29c200821_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:dda9d7c21f0ed27d0362402e7b5ce2883ab00b5122c1183b62072b7b2f558d8c_s390x", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:f44b26dc661c6d88ac3608d99d0dce9ad05d71b43402e01377ba0f367cbe73ff_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:5974496dcb98fb518cff7eb1d65fa84b44ca498d6b226715815152e4da018257_s390x", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:d211ac3abd79d3fbbfbe78f9c2f1886ff9e289fe01934d6e0f9f0797c6fba39b_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:fe1d26d24fd371f2d104d34ac91d604d250361ac35cadfb0841998f5afb44788_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0cb8bc0ed7d77f5a21023dbe793bf9e56e36dbbc7488f5998c999c7593e55e73_s390x", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:3e5827095c132f2f8c0fb4a413c32c1b6bfd11a5f759c2eb18f22b1bf8f57a64_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b7fe05d3c00a3e14691f7aeeac2adc8b278254c91341a82b04861aec1fdc2544_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:cc25f7b4a426d4ad2bbd5769b4f22581ea50170fc743a8237f7fd07b7a2957a9_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:0110e8b7af143ead3c278a00375ba016bc46160dbfac15a151a9d929ffbb781c_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:a150ebba0dea0ddc16fe23701ba0400c0d1c62ba9ad34e44fd87d0257caee932_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:a31024043f963ee49a4eaab131085952742ef082e1c47cc676998d6dcf207a6f_s390x", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:faf61986493ad09657d5bd3aa31a93363b9c231a87ad8dc69d8dcb1b5ebeb500_arm64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:1b575eba8b7d2379cd04974fab889ccaf671875923e0904053a2896cf431e925_arm64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:6292d00742228851ab7832e2852827df767492a2401d65dd420c8b0aeee24e97_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:7dc6c8a7939703d32323f7808810b1358aa34c080e1171cf7e5cb2a5a79e86ce_s390x", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:f3a2b0b31436ea31e3abbd4b61792b360143f3e00013aab65a8bd78973959369_amd64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:19b56fec5b0398f1193e4695831d198ac88a75e496bc01c66ad25a92ad338f3b_amd64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:2e83f766397a03678513afb6cf6a797e5266c4acd65117413e1f0e780b2ed54b_ppc64le", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:c3688d17fdae2a92ac51771fff354666ae0caaa298dc155e477a43b4f5c56133_s390x", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:eed520e609ffffce2fc428a4d1a8c18d824ff5b74582760ccc85dcdfbfe0c5a0_arm64", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:0bcd60d96620d8ca69bd8062234c8bf7b12c4ae584ac9b6278270915204a23f4_arm64", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:48efa4484d7892fcc0c282a06ab4e1183d9c6372f42fd309ca14e224ea33e9e7_ppc64le", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:5adb81f731b8399658946e6adadb67588f31d8edf3affbddfd7587afe0b487ae_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:f5d5a6f7de76cee2d3b1619f3d5fcf75194aacb4bc12d5d4c201bab4d5597ee2_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:28e34470e1ec3c0b1ced4842a3479b3fba9cc9607aa5470c5b17590e1ca4bc6a_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:49a48119aeb0fb449f65a50017f26abac02a4885b614d0c9e3eb8ab73ba7eb37_ppc64le", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:61a33bef5ae4af5437a3c8c3e2ed1070e034a1795c40dc2f037362056c6efe30_arm64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:80b49ccd71c92b359e8d872e47e8c5c5f8cc4d538fe5d62f1866b30d012ad0ab_s390x", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:6a0d8b3b5245d310b97053106f3efd1bad5c9f36a0e1e95d7a8422203a79c9ce_s390x", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:75b36663fe8d8cf2893f493506de374b2e5a92300e38c2de25286cbdadc28a5f_arm64", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:9f39582360916bb4b1992246996e3aa74acc45df687532ac633c6ba2355bf312_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:d704cbfd52ffc28600576014b2252f6bd68c24510fdec9fd07983e7a1d71abac_amd64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:369ff114990cffe175afce158b43b5961036970a98fbbdf215b4bd79ca453208_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:3a0845abe6f3eb7daea9f7be70146c50157422ec08c4729e5d03afc0071b1b95_amd64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:60ffd918bb2555301ff77cc9aa0ed07b972055f5e3479cd272e2a37a25f6dca9_s390x", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:b34190c8bcba479316ca98b8970927b6ce186c976c158c8f366e8bd7d4b001ad_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:36311cf8452859515d1f38890c24be9a2700f57c56aa400899d055b115fa584c_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:b38271d78dbbb935d43a2f17f8b094c082f625fee82054457e2cd39fa0351994_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:c35e75613bd4ca07ed9e3191daaca9597b6565908cdf7d08983ba2b6b48396e3_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:f95041614179ec6b26333e673f7e7975853d16ee3657671ca23ab7127a4eb6a0_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:bab9db88a656cc8727c9b571644cc674212d338e7f4a9bc85d7225c80474926e_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:c08b6982d29a81ae3a773df997d072dfd9ce75730550d36b3e0b3824b5bd7ea9_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:cbc36059b752e976905b0229c11cae97e6f337d12025d23d87a307ad73ae6716_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:d4d0e7ba33b9e6d6587ce1b28ec25adc1e089d501d877d89ca648b63fb2a277e_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:85c62dda998b2a54a085bdf0c6ab1c3c82e600e1e02c1bb68924f526b6b9068d_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:93565ddd2b6e23cf9617182568d0857615c47e38876dffbe2487f94bcec24028_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:d21e99b074aa214bc51067968b914c8379e198436d57ea747df4338607b93d48_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:e3676c01071ea21f4fac104f37498fdf5b3fba1a179ba9cc711e6fcec30e82e8_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:1eb6675c10505c3879114b1943b507e0fbfa25f036a5f16135620e45dbf7658c_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:7f3571c3b232b867dbcc84cebc2da8f12d1c9a56ddaabd21eac5cc7baab1e3b5_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:ab113018e018c9832c611bec3a264b0d153f2a0eb0b627fe7dafb5b696ad27ed_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:eef6778e228371853f242025a102c4208c90c34f4cafab01bcff8c61c402c964_amd64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:12527f1a5d2344e97afa8b0617e1e88641b3c49887ecb443354a2c2bc43ece44_arm64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:1821593db2c0ca2390d7b79599d725cdd1ce97a48283d7e43b87bd3bc91f3d6a_amd64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:5a7e21a5e3541b9c0a0bb054af74ec83932cf89cabd577c3a8362e50ac4fc5e8_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:80418945860182a602c612527776d46f785d3559f785830f7c6e82393d19cb4d_s390x", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:06fb15f2fa6bed947eb7ca0f0e8d0cf70f06e66b27aaa693c870588d27d1c177_ppc64le", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:5c6a3d48b7cb1e8232982c5eac1a2b4387c282dfd605e2a557bec96f1f933f6d_s390x", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:80485bb799315ca749c41e97c4c7c03077812f6042e58d8074664e3f43b7f089_amd64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:a0bd2dc5b2821c1ee0bf8f898a3a164514fc24bbe0bb4a12951eb85f0fd9d0b9_arm64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:321a39f4bb988e5e9c939408d6b8bbb1e028fe77fe8677ef2c0772b518721844_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:552124adf595742d3a825333527f832a0550c0ad2c1e696f4deb7f036398ed40_arm64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:67a073c946ec93ebc804e0659cef7adeafc2374cd50078213e5fdb9ea0ab39df_amd64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:bc072c76f3859a263c3d16910d35970be75b2e5f38372e8fdaf2d3aafbac56a0_s390x", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:185312f710adba3946767f8a9780d2b34a3d7f3f9817b34474b99cd5208bf7b6_arm64", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:6ee6966426237d620c6a6c6689c3a9f92402c1dee4705cb211b96fcf3c313206_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:a3282b636b15d635dd3efc864401745b7b498f1c479f53e3a433fec7911f8394_amd64", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:ff06b32d082d92e28c1717004064d3c7d86bfd0216397c945c15728a6ee215ef_s390x", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:504ca7e02b98a87d8ba9133af0edb696f4e678544c0525db88e07493bf453b77_ppc64le", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7563def4a9aaa7919df519c6d8003e0a7ca809c4a5060de2452f07ba30814b23_amd64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:797874e0775333e4a49efccafb02457047626957bdbb1433daf23760971ced06_s390x", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:ca3e4476b47ec7ee11f0ff337199476e6003acc49a52628a31e658d2e2a57964_arm64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:84512ecf696a455eda78faee46c67d133233cfc83c6cb9c94bac6e48f3a9f18a_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:93e3fd0ed70942cd139f9aa69cb1b554a9f233bcd9dee4ae6677884d1761bdbd_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:a00401a78d20c87e74af58c3c863b96aac34a5a64d12e5b555ed9afdebee46de_arm64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:fd688c4075f922cbe83adcb086ff46a532305254b5afe9a4e47da04834a23a5a_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:0b80b5dfafea88c4622f2aab35cbbe9816be4c3f6efc0a95c9038f16a910aa84_amd64", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:58d091cc31aaaf066a26e313fa6c412e1f871693c55d4baa11637a00ee37cd4b_arm64", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:791c3a0554c9da69b7019389c5fa76db9c1520e90a0d8b308337480817f3497f_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:ef2946f0a6f2d46dd41ddb074dc570ab34eadd1abfc4ed0ef71ab3821c3e5b06_s390x", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:519209c863b2aac1fd7dc8ecb130f73ad122935e166066d1d6405396f00aa434_arm64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:58775de0ea7bc5d9ca4545b0c93c0bab71d0c4e0bcc21e86bc6f6e799875ff23_s390x", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:bd540cc538e2665a17665b07f5053b5b4402319af6959c384b279d152348d26e_ppc64le", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:f8c4d907139b78e05905be1b1a2005fcf1e1a8f86b811c8434c8d87131704806_amd64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:15b0ce69868674b0f82ae4baf3590a54e01d9ebcc9dbc793e31f923289f8a975_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:4178399ac2e7fad92f077b0c33d653aabeddba0c2a52f168e691549ad1cc9726_arm64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:4812b505722334bcb9fda21fcbaa22154d77d045528ed014e6c98b205037aa27_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:ff7140ddb5a1fce8c1020c779ff1d5050f019d24f739d4925857ea6d5a4dd79a_amd64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:55869d62acabc78675fb3f926d45f6630f03ff380af76665eb36f3bd1ea17092_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:73d392672b8d9a1a2df91e47294f688d6747ff1ae5e9b8246b5cb58ca0c7f176_arm64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:f354c65db51cbe4085d9ea8b0c8154ab50ace724373600aa2ef2da17ef32a4ab_amd64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:fd666a970e27a34561fc0ec031d86f2e7f453e3865e68289dc5b592387dcad70_s390x", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:3873c526806dd32fe77619f276daf32444897abb706557cc63aaf6ab17e89e49_arm64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:39501eeb312f7b4a13a0fc0420e4f06af944f7c81688e3a9430975e8579d4a20_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:dc64483b0208b0a1cc1fbc463364f58ac7aab2eaa259c4f4e8e78ccaf89d2998_s390x", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:dff76ab0cc28c3c4e7e588a421514e0c9041c50eb17071fdd9b1939015ed2ff0_ppc64le", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:2cac0b4e4c1093a726dde6fdc59cb2023dde20a7ca62f6ab7644953f4b02daa4_ppc64le", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:979e3786edd600e094a69d279701a42f6330b000957fd8ea4a12c85cbff04df2_amd64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:bb4fda4fdce6dcf70c3aae9c8d3ab9cf0c8c37c148558b9cf66872045dc3a1dd_s390x", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:c80b686c8b6c445142f11eae2e67b9159bd86bd68f3b979276854909459ddec6_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:24ee2dbc8f1a72b95ef5f2d2ff8ee64fdbb99c34691eee2280536b5b19f2de91_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:2e8cc1abec346c56921e6962b5117d40b2d5e60474297134ea112c2111b1255c_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:9ff85e41b931a9856f0ff290f6cbfd461bc7fd3dfc36b40c656273a36c81cadd_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:b329b846f30a02dc12a9af1006b32eae111fb9954dcf5ab4dd01142c73768291_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:3a2ff6f8f3df7f191fd9b4c3f11109b26d69498f40ab80107de46363abd2336f_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:c113b3f518ed735c27ec6ff124b1737fd15bb34cb387cfca2ba3215bf09f5d7f_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:ec13dbcfaa27524e0b93f744643dcb5c8f425246c3270cc6af038aa0efb8145f_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:f25f468c8bf12bef03b9d38400da0b11a97360afb1b163571e32f8c66509d723_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:88327afd50a1735b903d5fb9dc8c5f12c1367dd2293bf64708002890f52741a0_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:911a0452186303c9b3f82a4d964fdfe31422f84657173a6f272f67bf80e16871_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:b511716b38f4b9e4b29ff8a6878823dabc908de452707623c186f16688603fe4_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:f9f36b945a7929f50993dc1196fa8f8027228fc113d3cdc3016ff8d9b28ce17f_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:1142ea372b1546c788283767025a0e93caf4879081db2fee0e3d477a42d53b71_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:841da85404d50361fbf25c135ebf40cc86abb853031dd36bfa0ccd0d811d9fd4_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:b37c5a10ed9642eea4400436375483dbc526ce9e3f1207327df3ff4e9d260fd1_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:e83389b09ed8acbe2785767709cefbe14e03030e7480a31b0ee088e82093e297_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:5ccf00aa7a2af38f1521e8738a0c727a564723a0f5bead3f0a57c219b79b4590_s390x", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:a11c532fe076f1ad0b430cc2e2a66a31f046d49d03057ba0ee9e22dd73655e11_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:b4ec8064135b8a0a37c4d9190e6a39429140243f9e7a97d4d82e4e0ae349aa71_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:d25bc23a7446ebc266cc759cd23cefe2909e6f7f26b346af29d5eeee59588eea_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:04bffd7c3d708ecdfb9f750dc571242ecb575760b2dc032a89d6b90d996f9298_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:1113003b61001b92cd12e58b67e7f8e8ef48e7135d35cdc76cf50a27287844c3_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:5f973fe1f74245e35a674c00e60f32d23dcc0871f1546f04cc754c5393b0ec53_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:6872989663e4716682420fbbb47e73bf259d1eea70d649bebb29b317ef36916a_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:1652bcd9320bf9e383e5e991f7abe47a3085cbfb6e15bbcc19685c6975c2a4cb_ppc64le", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:8d9f9e38e1867643b8e57443e97a5d7772a8a2adf547b5f0c5a259dc49916417_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:9bd622d81286a07c025a9dce55ca1139e4b93cae830dfe347d57ad368751e43e_amd64", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:c7e08cb097dbed71c5177b4cccd44a228c5ec85061b02940e582c58f4b84ff79_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:3a96c1d964c7c5f39da73a2f846ad58311c0531f20789f48e229211139255200_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:40f0c0d4707cb3f6acbab593f917267af1cd7de322b382a2ddf442149c3e613c_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:642e765685e1d1ee7cd69a9d5230c2dc821ee71f7346135c992b25fdab278d03_amd64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:a05ef9733ca94354872cb346241bb754e45f72bd33af80fa5d336dac6f041dd0_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:2371688381650d6dd6a6800a2740df1d28f70c1eea8046ae2948f321c3e0e5e8_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:a51c789ed04a4c127c017625883041acd522831e885637071d41bfe3eebbcb34_amd64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:d3b7f453143d6702fd4b917f21c5a9297d0f7de52a1ccf39e5c1569724142d8f_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:ee861a555f0d02bf7aabc3e20704f865610c0f4f50a14a5a525b2e97d166870a_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:35d1eac6227a8a164d84926bc7229f33b6717dee1e94585216ab2b04d5d527a1_ppc64le", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:b2675cddc1075d884c8241ea3c57991cd6bd80e810f0581a0a637f39664be44d_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:d6b0e86f29dab6d89f6fa11c0784ff14cb1006760a16bee26336197f0cfae87a_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:dd2b23d192fa9271eb45655959e8d001e6d3d2c6d08315a475d538ad65f1df3a_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:0e323da0373223f3d74b6f605b407a6b186ff2d2da4cf6f5110cdf915ebf921c_ppc64le", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:4780b0e407922afcff9fc07f5e6244c2b8b5c753bbb76fd0f447f272f18850f5_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:7af598478e682a5e71ba687b6ff18410ef60702b4fa1d91ab27e9f639fc526e8_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:8e970b2b36adb7ab6c477c7d6f03319ea6e4f294cd3a795fe3c71bdbaffe6116_s390x", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:037f32bcb75c53c2ca3df761d42c8ac2c409c21cd52fb0f82b16a558cb465860_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:1b8c16923b7916824baf9b02d5b9654b36c57518051c42f909d8a3078d0dcb4f_arm64", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:2ed5806d7fa79c6a66ac58a18d7d1965a93f5014601aa47d7c17ab702074f7e7_s390x", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:e8ff466a5a96124a426bcbbd333dbe8e24413f379a03852a3d46f2bf80ec895d_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:b7de40c100bb2398625d0c82bfacc95fa48aabbd9bf8b5f6392a4472859cbc32_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:ca4cd77e3facd5539bd81fd48fe9336221e80ba291c0f833ffd83f0eaf11e07a_ppc64le", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:e855417861657cedde18cfc2f66c45b63824c37b4de0f9fc3f25f4ed67dbc36a_arm64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:e92a956984d1cf5aa52e10385ab5bc2e311c417e1e0c2f78164acb7eebdb5736_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:a9f793576637ced1ebe38ca9ac21755f042db908728146ef329fccf93811ce45_ppc64le", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:bf33628423223c08e8814e98e2e91dbc8ed1744b834df66d8d296873be92215c_arm64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0661fcd6a08c6526494d24e3351ffb70957ef5b82b9ae7e3a990c9b5051d5cc_amd64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:fd9b1ce2754afa36b13afcfd1f858d8349e7ce8da772581000f6d4cf022fa6a9_s390x", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:2d28b16b252edf0bd1e1ec3f820d155d1aff4a7a716f5443125fba72e6a63ac1_ppc64le", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:3ad1262ba07c5b5aa31a207b1653e19f7faacc4cb303d2b5a0763d10eb93e849_amd64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:f1837082f8b4f9f7eae400a787caf3d5b96d350a34adfc018af912f271d63743_s390x", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:f7846422fdec5bf9401a3fb87698477eaa059229570396fcd585cc46253b2079_arm64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:5a08a50c990ed4417d8f9f9841ee1de19634af2172a1f98b8fde1bb92fccefb0_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:63f6abf2d72b042858ad4980b027ae6f17ad6435b43e3f6c8546c74ffaf3a6f8_arm64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:9446ac9d281170357d985a104a2fa073b3a569ee09a955a16e14612d685fef5e_amd64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:a42328709ffb7f22214f7f0b6de4974b5d995124e88607d3d3375fa78ba801e2_s390x", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:128557c1c210c5fbd1d4a4fadac47332543701fed122ba74d4d2dfd2a073af9e_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:8235a36f2220a68809f0babae52f80792e6ad0e16f721f7129f11e96cf3b2bd9_amd64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:cec39662240316282583d53b06957dd53eae71fe9ee9176619a9501d5fe52e18_ppc64le", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:fd44c058a007d51f81da06eb05c3e40222989b51a3b42f2c5d4348e688bebd12_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:2d645d3f46e9613f9007a8e640b48249708bd583e1f8119828ff7b6f03942c09_amd64", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:48409b1f123491da843395bd3dcaa53798134243ec3c36f9236936e9f24f4b45_arm64", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:6e89d7a3e6bf3c28253dd95cf29574d8c4f4719025ce5f80834f08327d106a34_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:81c01dc11be9f1392d08fc73d851a7ec9eacf231996abf16c8a72d8e236cabd9_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:0d003ef4b01caf461125e4bdb33400e8bef1544caa6489f5ded4d52481401939_arm64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:3fafe8b059919821ba8ee3a84707a42dcf8b468cbaf6af648a38f0738d633895_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:443395da4ffb74c7a7da0e8d564a57b494c46229be0a2c4b5a4087f153e63245_s390x", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:784ca9b2ee4f24802a3287a20dae0b8837b39ac253fcec1f8e0327ca2c2b8e43_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:80041d399a8f8235338af770656f5d8ddf131f8434f4869ebd95e0d3d9e50594_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:c00bddf4726f69dd95b582de5a2ab5901c83176ba39b9d0232d274755b222cd1_amd64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:ec6a6a410dc9fa64060cbc030c22ce8eb2df057f2dbcf38f39a830cc03c79152_s390x", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:f617a890dd4d7b2fdce173f70f0901236f488197ebde036935aab26c3f8b23ff_arm64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-15T21:17:30+00:00", "details": "For Red Hat Advanced Cluster Management for Kubernetes, see the following\ndocumentation, which will be updated shortly for this release, for important\ninstructions on installing this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.6/html-single/install/index#installing", "product_ids": [ "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:016f483a5e59153e14800c37d7e16da2fd074dcb84e0db61521c209d148e4fd3_s390x", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:0e83b7308b7f8efd0dd4c482d301231ea81744a9c243efddb57714f687625bb7_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:61130d76a9adf8c0aa14c46e56f5e7b1b588a186903e0559ed2139a6e6f70c86_amd64", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:805edfdb835ecd74495c3303651f536e5402e90b8fb1d3b8e205847fb93465e5_arm64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:899cb767f3e31ec536ca9d48930b1eaabb4907e6ec65d99fe0b9e186d0df6ca2_s390x", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:bc40aa848bbbebd35833e69b8011db918de5c3abf5954dd5d4166a01a486a74f_arm64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:bfe9b7bcf0625e885e052caf23a310702173a669620b32f071f83dea7b13991d_amd64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:f082c0cdabf220570bc3bdf145c66fefe39d31cbb988da962a3262d0264777e6_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:10508327d7bc352c8e15a4876f5b2703c7be468d2cca14172f2dee077ee49bb8_arm64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:4ede1e02b3574cc788867b443a745dcc75d35abad1b53f24159c5bd29c200821_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:dda9d7c21f0ed27d0362402e7b5ce2883ab00b5122c1183b62072b7b2f558d8c_s390x", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:f44b26dc661c6d88ac3608d99d0dce9ad05d71b43402e01377ba0f367cbe73ff_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:5974496dcb98fb518cff7eb1d65fa84b44ca498d6b226715815152e4da018257_s390x", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:d211ac3abd79d3fbbfbe78f9c2f1886ff9e289fe01934d6e0f9f0797c6fba39b_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:fe1d26d24fd371f2d104d34ac91d604d250361ac35cadfb0841998f5afb44788_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0cb8bc0ed7d77f5a21023dbe793bf9e56e36dbbc7488f5998c999c7593e55e73_s390x", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:3e5827095c132f2f8c0fb4a413c32c1b6bfd11a5f759c2eb18f22b1bf8f57a64_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b7fe05d3c00a3e14691f7aeeac2adc8b278254c91341a82b04861aec1fdc2544_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:cc25f7b4a426d4ad2bbd5769b4f22581ea50170fc743a8237f7fd07b7a2957a9_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:0110e8b7af143ead3c278a00375ba016bc46160dbfac15a151a9d929ffbb781c_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:a150ebba0dea0ddc16fe23701ba0400c0d1c62ba9ad34e44fd87d0257caee932_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:a31024043f963ee49a4eaab131085952742ef082e1c47cc676998d6dcf207a6f_s390x", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:faf61986493ad09657d5bd3aa31a93363b9c231a87ad8dc69d8dcb1b5ebeb500_arm64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:1b575eba8b7d2379cd04974fab889ccaf671875923e0904053a2896cf431e925_arm64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:6292d00742228851ab7832e2852827df767492a2401d65dd420c8b0aeee24e97_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:7dc6c8a7939703d32323f7808810b1358aa34c080e1171cf7e5cb2a5a79e86ce_s390x", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:f3a2b0b31436ea31e3abbd4b61792b360143f3e00013aab65a8bd78973959369_amd64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:19b56fec5b0398f1193e4695831d198ac88a75e496bc01c66ad25a92ad338f3b_amd64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:2e83f766397a03678513afb6cf6a797e5266c4acd65117413e1f0e780b2ed54b_ppc64le", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:c3688d17fdae2a92ac51771fff354666ae0caaa298dc155e477a43b4f5c56133_s390x", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:eed520e609ffffce2fc428a4d1a8c18d824ff5b74582760ccc85dcdfbfe0c5a0_arm64", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:0bcd60d96620d8ca69bd8062234c8bf7b12c4ae584ac9b6278270915204a23f4_arm64", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:48efa4484d7892fcc0c282a06ab4e1183d9c6372f42fd309ca14e224ea33e9e7_ppc64le", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:5adb81f731b8399658946e6adadb67588f31d8edf3affbddfd7587afe0b487ae_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:f5d5a6f7de76cee2d3b1619f3d5fcf75194aacb4bc12d5d4c201bab4d5597ee2_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:28e34470e1ec3c0b1ced4842a3479b3fba9cc9607aa5470c5b17590e1ca4bc6a_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:49a48119aeb0fb449f65a50017f26abac02a4885b614d0c9e3eb8ab73ba7eb37_ppc64le", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:61a33bef5ae4af5437a3c8c3e2ed1070e034a1795c40dc2f037362056c6efe30_arm64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:80b49ccd71c92b359e8d872e47e8c5c5f8cc4d538fe5d62f1866b30d012ad0ab_s390x", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:6a0d8b3b5245d310b97053106f3efd1bad5c9f36a0e1e95d7a8422203a79c9ce_s390x", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:75b36663fe8d8cf2893f493506de374b2e5a92300e38c2de25286cbdadc28a5f_arm64", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:9f39582360916bb4b1992246996e3aa74acc45df687532ac633c6ba2355bf312_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:d704cbfd52ffc28600576014b2252f6bd68c24510fdec9fd07983e7a1d71abac_amd64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:369ff114990cffe175afce158b43b5961036970a98fbbdf215b4bd79ca453208_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:3a0845abe6f3eb7daea9f7be70146c50157422ec08c4729e5d03afc0071b1b95_amd64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:60ffd918bb2555301ff77cc9aa0ed07b972055f5e3479cd272e2a37a25f6dca9_s390x", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:b34190c8bcba479316ca98b8970927b6ce186c976c158c8f366e8bd7d4b001ad_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:36311cf8452859515d1f38890c24be9a2700f57c56aa400899d055b115fa584c_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:b38271d78dbbb935d43a2f17f8b094c082f625fee82054457e2cd39fa0351994_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:c35e75613bd4ca07ed9e3191daaca9597b6565908cdf7d08983ba2b6b48396e3_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:f95041614179ec6b26333e673f7e7975853d16ee3657671ca23ab7127a4eb6a0_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:bab9db88a656cc8727c9b571644cc674212d338e7f4a9bc85d7225c80474926e_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:c08b6982d29a81ae3a773df997d072dfd9ce75730550d36b3e0b3824b5bd7ea9_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:cbc36059b752e976905b0229c11cae97e6f337d12025d23d87a307ad73ae6716_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:d4d0e7ba33b9e6d6587ce1b28ec25adc1e089d501d877d89ca648b63fb2a277e_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:85c62dda998b2a54a085bdf0c6ab1c3c82e600e1e02c1bb68924f526b6b9068d_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:93565ddd2b6e23cf9617182568d0857615c47e38876dffbe2487f94bcec24028_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:d21e99b074aa214bc51067968b914c8379e198436d57ea747df4338607b93d48_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:e3676c01071ea21f4fac104f37498fdf5b3fba1a179ba9cc711e6fcec30e82e8_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:1eb6675c10505c3879114b1943b507e0fbfa25f036a5f16135620e45dbf7658c_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:7f3571c3b232b867dbcc84cebc2da8f12d1c9a56ddaabd21eac5cc7baab1e3b5_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:ab113018e018c9832c611bec3a264b0d153f2a0eb0b627fe7dafb5b696ad27ed_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:eef6778e228371853f242025a102c4208c90c34f4cafab01bcff8c61c402c964_amd64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:12527f1a5d2344e97afa8b0617e1e88641b3c49887ecb443354a2c2bc43ece44_arm64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:1821593db2c0ca2390d7b79599d725cdd1ce97a48283d7e43b87bd3bc91f3d6a_amd64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:5a7e21a5e3541b9c0a0bb054af74ec83932cf89cabd577c3a8362e50ac4fc5e8_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:80418945860182a602c612527776d46f785d3559f785830f7c6e82393d19cb4d_s390x", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:06fb15f2fa6bed947eb7ca0f0e8d0cf70f06e66b27aaa693c870588d27d1c177_ppc64le", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:5c6a3d48b7cb1e8232982c5eac1a2b4387c282dfd605e2a557bec96f1f933f6d_s390x", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:80485bb799315ca749c41e97c4c7c03077812f6042e58d8074664e3f43b7f089_amd64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:a0bd2dc5b2821c1ee0bf8f898a3a164514fc24bbe0bb4a12951eb85f0fd9d0b9_arm64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:321a39f4bb988e5e9c939408d6b8bbb1e028fe77fe8677ef2c0772b518721844_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:552124adf595742d3a825333527f832a0550c0ad2c1e696f4deb7f036398ed40_arm64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:67a073c946ec93ebc804e0659cef7adeafc2374cd50078213e5fdb9ea0ab39df_amd64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:bc072c76f3859a263c3d16910d35970be75b2e5f38372e8fdaf2d3aafbac56a0_s390x", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:185312f710adba3946767f8a9780d2b34a3d7f3f9817b34474b99cd5208bf7b6_arm64", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:6ee6966426237d620c6a6c6689c3a9f92402c1dee4705cb211b96fcf3c313206_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:a3282b636b15d635dd3efc864401745b7b498f1c479f53e3a433fec7911f8394_amd64", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:ff06b32d082d92e28c1717004064d3c7d86bfd0216397c945c15728a6ee215ef_s390x", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:504ca7e02b98a87d8ba9133af0edb696f4e678544c0525db88e07493bf453b77_ppc64le", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7563def4a9aaa7919df519c6d8003e0a7ca809c4a5060de2452f07ba30814b23_amd64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:797874e0775333e4a49efccafb02457047626957bdbb1433daf23760971ced06_s390x", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:ca3e4476b47ec7ee11f0ff337199476e6003acc49a52628a31e658d2e2a57964_arm64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:84512ecf696a455eda78faee46c67d133233cfc83c6cb9c94bac6e48f3a9f18a_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:93e3fd0ed70942cd139f9aa69cb1b554a9f233bcd9dee4ae6677884d1761bdbd_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:a00401a78d20c87e74af58c3c863b96aac34a5a64d12e5b555ed9afdebee46de_arm64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:fd688c4075f922cbe83adcb086ff46a532305254b5afe9a4e47da04834a23a5a_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:0b80b5dfafea88c4622f2aab35cbbe9816be4c3f6efc0a95c9038f16a910aa84_amd64", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:58d091cc31aaaf066a26e313fa6c412e1f871693c55d4baa11637a00ee37cd4b_arm64", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:791c3a0554c9da69b7019389c5fa76db9c1520e90a0d8b308337480817f3497f_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:ef2946f0a6f2d46dd41ddb074dc570ab34eadd1abfc4ed0ef71ab3821c3e5b06_s390x", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:519209c863b2aac1fd7dc8ecb130f73ad122935e166066d1d6405396f00aa434_arm64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:58775de0ea7bc5d9ca4545b0c93c0bab71d0c4e0bcc21e86bc6f6e799875ff23_s390x", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:bd540cc538e2665a17665b07f5053b5b4402319af6959c384b279d152348d26e_ppc64le", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:f8c4d907139b78e05905be1b1a2005fcf1e1a8f86b811c8434c8d87131704806_amd64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:15b0ce69868674b0f82ae4baf3590a54e01d9ebcc9dbc793e31f923289f8a975_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:4178399ac2e7fad92f077b0c33d653aabeddba0c2a52f168e691549ad1cc9726_arm64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:4812b505722334bcb9fda21fcbaa22154d77d045528ed014e6c98b205037aa27_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:ff7140ddb5a1fce8c1020c779ff1d5050f019d24f739d4925857ea6d5a4dd79a_amd64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:55869d62acabc78675fb3f926d45f6630f03ff380af76665eb36f3bd1ea17092_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:73d392672b8d9a1a2df91e47294f688d6747ff1ae5e9b8246b5cb58ca0c7f176_arm64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:f354c65db51cbe4085d9ea8b0c8154ab50ace724373600aa2ef2da17ef32a4ab_amd64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:fd666a970e27a34561fc0ec031d86f2e7f453e3865e68289dc5b592387dcad70_s390x", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:3873c526806dd32fe77619f276daf32444897abb706557cc63aaf6ab17e89e49_arm64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:39501eeb312f7b4a13a0fc0420e4f06af944f7c81688e3a9430975e8579d4a20_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:dc64483b0208b0a1cc1fbc463364f58ac7aab2eaa259c4f4e8e78ccaf89d2998_s390x", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:dff76ab0cc28c3c4e7e588a421514e0c9041c50eb17071fdd9b1939015ed2ff0_ppc64le", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:2cac0b4e4c1093a726dde6fdc59cb2023dde20a7ca62f6ab7644953f4b02daa4_ppc64le", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:979e3786edd600e094a69d279701a42f6330b000957fd8ea4a12c85cbff04df2_amd64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:bb4fda4fdce6dcf70c3aae9c8d3ab9cf0c8c37c148558b9cf66872045dc3a1dd_s390x", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:c80b686c8b6c445142f11eae2e67b9159bd86bd68f3b979276854909459ddec6_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:24ee2dbc8f1a72b95ef5f2d2ff8ee64fdbb99c34691eee2280536b5b19f2de91_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:2e8cc1abec346c56921e6962b5117d40b2d5e60474297134ea112c2111b1255c_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:9ff85e41b931a9856f0ff290f6cbfd461bc7fd3dfc36b40c656273a36c81cadd_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:b329b846f30a02dc12a9af1006b32eae111fb9954dcf5ab4dd01142c73768291_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:3a2ff6f8f3df7f191fd9b4c3f11109b26d69498f40ab80107de46363abd2336f_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:c113b3f518ed735c27ec6ff124b1737fd15bb34cb387cfca2ba3215bf09f5d7f_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:ec13dbcfaa27524e0b93f744643dcb5c8f425246c3270cc6af038aa0efb8145f_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:f25f468c8bf12bef03b9d38400da0b11a97360afb1b163571e32f8c66509d723_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:88327afd50a1735b903d5fb9dc8c5f12c1367dd2293bf64708002890f52741a0_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:911a0452186303c9b3f82a4d964fdfe31422f84657173a6f272f67bf80e16871_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:b511716b38f4b9e4b29ff8a6878823dabc908de452707623c186f16688603fe4_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:f9f36b945a7929f50993dc1196fa8f8027228fc113d3cdc3016ff8d9b28ce17f_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:1142ea372b1546c788283767025a0e93caf4879081db2fee0e3d477a42d53b71_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:841da85404d50361fbf25c135ebf40cc86abb853031dd36bfa0ccd0d811d9fd4_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:b37c5a10ed9642eea4400436375483dbc526ce9e3f1207327df3ff4e9d260fd1_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:e83389b09ed8acbe2785767709cefbe14e03030e7480a31b0ee088e82093e297_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:5ccf00aa7a2af38f1521e8738a0c727a564723a0f5bead3f0a57c219b79b4590_s390x", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:a11c532fe076f1ad0b430cc2e2a66a31f046d49d03057ba0ee9e22dd73655e11_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:b4ec8064135b8a0a37c4d9190e6a39429140243f9e7a97d4d82e4e0ae349aa71_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:d25bc23a7446ebc266cc759cd23cefe2909e6f7f26b346af29d5eeee59588eea_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:04bffd7c3d708ecdfb9f750dc571242ecb575760b2dc032a89d6b90d996f9298_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:1113003b61001b92cd12e58b67e7f8e8ef48e7135d35cdc76cf50a27287844c3_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:5f973fe1f74245e35a674c00e60f32d23dcc0871f1546f04cc754c5393b0ec53_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:6872989663e4716682420fbbb47e73bf259d1eea70d649bebb29b317ef36916a_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:1652bcd9320bf9e383e5e991f7abe47a3085cbfb6e15bbcc19685c6975c2a4cb_ppc64le", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:8d9f9e38e1867643b8e57443e97a5d7772a8a2adf547b5f0c5a259dc49916417_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:9bd622d81286a07c025a9dce55ca1139e4b93cae830dfe347d57ad368751e43e_amd64", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:c7e08cb097dbed71c5177b4cccd44a228c5ec85061b02940e582c58f4b84ff79_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:3a96c1d964c7c5f39da73a2f846ad58311c0531f20789f48e229211139255200_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:40f0c0d4707cb3f6acbab593f917267af1cd7de322b382a2ddf442149c3e613c_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:642e765685e1d1ee7cd69a9d5230c2dc821ee71f7346135c992b25fdab278d03_amd64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:a05ef9733ca94354872cb346241bb754e45f72bd33af80fa5d336dac6f041dd0_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:2371688381650d6dd6a6800a2740df1d28f70c1eea8046ae2948f321c3e0e5e8_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:a51c789ed04a4c127c017625883041acd522831e885637071d41bfe3eebbcb34_amd64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:d3b7f453143d6702fd4b917f21c5a9297d0f7de52a1ccf39e5c1569724142d8f_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:ee861a555f0d02bf7aabc3e20704f865610c0f4f50a14a5a525b2e97d166870a_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:35d1eac6227a8a164d84926bc7229f33b6717dee1e94585216ab2b04d5d527a1_ppc64le", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:b2675cddc1075d884c8241ea3c57991cd6bd80e810f0581a0a637f39664be44d_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:d6b0e86f29dab6d89f6fa11c0784ff14cb1006760a16bee26336197f0cfae87a_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:dd2b23d192fa9271eb45655959e8d001e6d3d2c6d08315a475d538ad65f1df3a_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:0e323da0373223f3d74b6f605b407a6b186ff2d2da4cf6f5110cdf915ebf921c_ppc64le", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:4780b0e407922afcff9fc07f5e6244c2b8b5c753bbb76fd0f447f272f18850f5_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:7af598478e682a5e71ba687b6ff18410ef60702b4fa1d91ab27e9f639fc526e8_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:8e970b2b36adb7ab6c477c7d6f03319ea6e4f294cd3a795fe3c71bdbaffe6116_s390x", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:037f32bcb75c53c2ca3df761d42c8ac2c409c21cd52fb0f82b16a558cb465860_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:1b8c16923b7916824baf9b02d5b9654b36c57518051c42f909d8a3078d0dcb4f_arm64", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:2ed5806d7fa79c6a66ac58a18d7d1965a93f5014601aa47d7c17ab702074f7e7_s390x", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:e8ff466a5a96124a426bcbbd333dbe8e24413f379a03852a3d46f2bf80ec895d_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:b7de40c100bb2398625d0c82bfacc95fa48aabbd9bf8b5f6392a4472859cbc32_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:ca4cd77e3facd5539bd81fd48fe9336221e80ba291c0f833ffd83f0eaf11e07a_ppc64le", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:e855417861657cedde18cfc2f66c45b63824c37b4de0f9fc3f25f4ed67dbc36a_arm64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:e92a956984d1cf5aa52e10385ab5bc2e311c417e1e0c2f78164acb7eebdb5736_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:a9f793576637ced1ebe38ca9ac21755f042db908728146ef329fccf93811ce45_ppc64le", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:bf33628423223c08e8814e98e2e91dbc8ed1744b834df66d8d296873be92215c_arm64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0661fcd6a08c6526494d24e3351ffb70957ef5b82b9ae7e3a990c9b5051d5cc_amd64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:fd9b1ce2754afa36b13afcfd1f858d8349e7ce8da772581000f6d4cf022fa6a9_s390x", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:2d28b16b252edf0bd1e1ec3f820d155d1aff4a7a716f5443125fba72e6a63ac1_ppc64le", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:3ad1262ba07c5b5aa31a207b1653e19f7faacc4cb303d2b5a0763d10eb93e849_amd64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:f1837082f8b4f9f7eae400a787caf3d5b96d350a34adfc018af912f271d63743_s390x", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:f7846422fdec5bf9401a3fb87698477eaa059229570396fcd585cc46253b2079_arm64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:5a08a50c990ed4417d8f9f9841ee1de19634af2172a1f98b8fde1bb92fccefb0_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:63f6abf2d72b042858ad4980b027ae6f17ad6435b43e3f6c8546c74ffaf3a6f8_arm64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:9446ac9d281170357d985a104a2fa073b3a569ee09a955a16e14612d685fef5e_amd64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:a42328709ffb7f22214f7f0b6de4974b5d995124e88607d3d3375fa78ba801e2_s390x", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:128557c1c210c5fbd1d4a4fadac47332543701fed122ba74d4d2dfd2a073af9e_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:8235a36f2220a68809f0babae52f80792e6ad0e16f721f7129f11e96cf3b2bd9_amd64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:cec39662240316282583d53b06957dd53eae71fe9ee9176619a9501d5fe52e18_ppc64le", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:fd44c058a007d51f81da06eb05c3e40222989b51a3b42f2c5d4348e688bebd12_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:2d645d3f46e9613f9007a8e640b48249708bd583e1f8119828ff7b6f03942c09_amd64", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:48409b1f123491da843395bd3dcaa53798134243ec3c36f9236936e9f24f4b45_arm64", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:6e89d7a3e6bf3c28253dd95cf29574d8c4f4719025ce5f80834f08327d106a34_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:81c01dc11be9f1392d08fc73d851a7ec9eacf231996abf16c8a72d8e236cabd9_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:0d003ef4b01caf461125e4bdb33400e8bef1544caa6489f5ded4d52481401939_arm64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:3fafe8b059919821ba8ee3a84707a42dcf8b468cbaf6af648a38f0738d633895_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:443395da4ffb74c7a7da0e8d564a57b494c46229be0a2c4b5a4087f153e63245_s390x", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:784ca9b2ee4f24802a3287a20dae0b8837b39ac253fcec1f8e0327ca2c2b8e43_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:80041d399a8f8235338af770656f5d8ddf131f8434f4869ebd95e0d3d9e50594_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:c00bddf4726f69dd95b582de5a2ab5901c83176ba39b9d0232d274755b222cd1_amd64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:ec6a6a410dc9fa64060cbc030c22ce8eb2df057f2dbcf38f39a830cc03c79152_s390x", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:f617a890dd4d7b2fdce173f70f0901236f488197ebde036935aab26c3f8b23ff_arm64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0794" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:016f483a5e59153e14800c37d7e16da2fd074dcb84e0db61521c209d148e4fd3_s390x", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:0e83b7308b7f8efd0dd4c482d301231ea81744a9c243efddb57714f687625bb7_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:61130d76a9adf8c0aa14c46e56f5e7b1b588a186903e0559ed2139a6e6f70c86_amd64", "8Base-RHACM-2.6:rhacm2/acm-governance-policy-addon-controller-rhel8@sha256:805edfdb835ecd74495c3303651f536e5402e90b8fb1d3b8e205847fb93465e5_arm64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:899cb767f3e31ec536ca9d48930b1eaabb4907e6ec65d99fe0b9e186d0df6ca2_s390x", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:bc40aa848bbbebd35833e69b8011db918de5c3abf5954dd5d4166a01a486a74f_arm64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:bfe9b7bcf0625e885e052caf23a310702173a669620b32f071f83dea7b13991d_amd64", "8Base-RHACM-2.6:rhacm2/acm-grafana-rhel8@sha256:f082c0cdabf220570bc3bdf145c66fefe39d31cbb988da962a3262d0264777e6_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:10508327d7bc352c8e15a4876f5b2703c7be468d2cca14172f2dee077ee49bb8_arm64", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:4ede1e02b3574cc788867b443a745dcc75d35abad1b53f24159c5bd29c200821_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:dda9d7c21f0ed27d0362402e7b5ce2883ab00b5122c1183b62072b7b2f558d8c_s390x", "8Base-RHACM-2.6:rhacm2/acm-must-gather-rhel8@sha256:f44b26dc661c6d88ac3608d99d0dce9ad05d71b43402e01377ba0f367cbe73ff_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:5974496dcb98fb518cff7eb1d65fa84b44ca498d6b226715815152e4da018257_s390x", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:d211ac3abd79d3fbbfbe78f9c2f1886ff9e289fe01934d6e0f9f0797c6fba39b_amd64", "8Base-RHACM-2.6:rhacm2/acm-operator-bundle@sha256:fe1d26d24fd371f2d104d34ac91d604d250361ac35cadfb0841998f5afb44788_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:0cb8bc0ed7d77f5a21023dbe793bf9e56e36dbbc7488f5998c999c7593e55e73_s390x", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:3e5827095c132f2f8c0fb4a413c32c1b6bfd11a5f759c2eb18f22b1bf8f57a64_arm64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:b7fe05d3c00a3e14691f7aeeac2adc8b278254c91341a82b04861aec1fdc2544_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-config-reloader-rhel8@sha256:cc25f7b4a426d4ad2bbd5769b4f22581ea50170fc743a8237f7fd07b7a2957a9_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:0110e8b7af143ead3c278a00375ba016bc46160dbfac15a151a9d929ffbb781c_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:a150ebba0dea0ddc16fe23701ba0400c0d1c62ba9ad34e44fd87d0257caee932_amd64", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:a31024043f963ee49a4eaab131085952742ef082e1c47cc676998d6dcf207a6f_s390x", "8Base-RHACM-2.6:rhacm2/acm-prometheus-rhel8@sha256:faf61986493ad09657d5bd3aa31a93363b9c231a87ad8dc69d8dcb1b5ebeb500_arm64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:1b575eba8b7d2379cd04974fab889ccaf671875923e0904053a2896cf431e925_arm64", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:6292d00742228851ab7832e2852827df767492a2401d65dd420c8b0aeee24e97_ppc64le", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:7dc6c8a7939703d32323f7808810b1358aa34c080e1171cf7e5cb2a5a79e86ce_s390x", "8Base-RHACM-2.6:rhacm2/acm-volsync-addon-controller-rhel8@sha256:f3a2b0b31436ea31e3abbd4b61792b360143f3e00013aab65a8bd78973959369_amd64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:19b56fec5b0398f1193e4695831d198ac88a75e496bc01c66ad25a92ad338f3b_amd64", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:2e83f766397a03678513afb6cf6a797e5266c4acd65117413e1f0e780b2ed54b_ppc64le", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:c3688d17fdae2a92ac51771fff354666ae0caaa298dc155e477a43b4f5c56133_s390x", "8Base-RHACM-2.6:rhacm2/cert-policy-controller-rhel8@sha256:eed520e609ffffce2fc428a4d1a8c18d824ff5b74582760ccc85dcdfbfe0c5a0_arm64", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:0bcd60d96620d8ca69bd8062234c8bf7b12c4ae584ac9b6278270915204a23f4_arm64", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:48efa4484d7892fcc0c282a06ab4e1183d9c6372f42fd309ca14e224ea33e9e7_ppc64le", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:5adb81f731b8399658946e6adadb67588f31d8edf3affbddfd7587afe0b487ae_s390x", "8Base-RHACM-2.6:rhacm2/cluster-backup-rhel8-operator@sha256:f5d5a6f7de76cee2d3b1619f3d5fcf75194aacb4bc12d5d4c201bab4d5597ee2_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:28e34470e1ec3c0b1ced4842a3479b3fba9cc9607aa5470c5b17590e1ca4bc6a_amd64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:49a48119aeb0fb449f65a50017f26abac02a4885b614d0c9e3eb8ab73ba7eb37_ppc64le", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:61a33bef5ae4af5437a3c8c3e2ed1070e034a1795c40dc2f037362056c6efe30_arm64", "8Base-RHACM-2.6:rhacm2/config-policy-controller-rhel8@sha256:80b49ccd71c92b359e8d872e47e8c5c5f8cc4d538fe5d62f1866b30d012ad0ab_s390x", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:6a0d8b3b5245d310b97053106f3efd1bad5c9f36a0e1e95d7a8422203a79c9ce_s390x", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:75b36663fe8d8cf2893f493506de374b2e5a92300e38c2de25286cbdadc28a5f_arm64", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:9f39582360916bb4b1992246996e3aa74acc45df687532ac633c6ba2355bf312_ppc64le", "8Base-RHACM-2.6:rhacm2/console-rhel8@sha256:d704cbfd52ffc28600576014b2252f6bd68c24510fdec9fd07983e7a1d71abac_amd64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:369ff114990cffe175afce158b43b5961036970a98fbbdf215b4bd79ca453208_arm64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:3a0845abe6f3eb7daea9f7be70146c50157422ec08c4729e5d03afc0071b1b95_amd64", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:60ffd918bb2555301ff77cc9aa0ed07b972055f5e3479cd272e2a37a25f6dca9_s390x", "8Base-RHACM-2.6:rhacm2/endpoint-monitoring-rhel8-operator@sha256:b34190c8bcba479316ca98b8970927b6ce186c976c158c8f366e8bd7d4b001ad_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:36311cf8452859515d1f38890c24be9a2700f57c56aa400899d055b115fa584c_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:b38271d78dbbb935d43a2f17f8b094c082f625fee82054457e2cd39fa0351994_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:c35e75613bd4ca07ed9e3191daaca9597b6565908cdf7d08983ba2b6b48396e3_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-propagator-rhel8@sha256:f95041614179ec6b26333e673f7e7975853d16ee3657671ca23ab7127a4eb6a0_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:bab9db88a656cc8727c9b571644cc674212d338e7f4a9bc85d7225c80474926e_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:c08b6982d29a81ae3a773df997d072dfd9ce75730550d36b3e0b3824b5bd7ea9_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:cbc36059b752e976905b0229c11cae97e6f337d12025d23d87a307ad73ae6716_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-spec-sync-rhel8@sha256:d4d0e7ba33b9e6d6587ce1b28ec25adc1e089d501d877d89ca648b63fb2a277e_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:85c62dda998b2a54a085bdf0c6ab1c3c82e600e1e02c1bb68924f526b6b9068d_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:93565ddd2b6e23cf9617182568d0857615c47e38876dffbe2487f94bcec24028_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:d21e99b074aa214bc51067968b914c8379e198436d57ea747df4338607b93d48_amd64", "8Base-RHACM-2.6:rhacm2/governance-policy-status-sync-rhel8@sha256:e3676c01071ea21f4fac104f37498fdf5b3fba1a179ba9cc711e6fcec30e82e8_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:1eb6675c10505c3879114b1943b507e0fbfa25f036a5f16135620e45dbf7658c_s390x", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:7f3571c3b232b867dbcc84cebc2da8f12d1c9a56ddaabd21eac5cc7baab1e3b5_ppc64le", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:ab113018e018c9832c611bec3a264b0d153f2a0eb0b627fe7dafb5b696ad27ed_arm64", "8Base-RHACM-2.6:rhacm2/governance-policy-template-sync-rhel8@sha256:eef6778e228371853f242025a102c4208c90c34f4cafab01bcff8c61c402c964_amd64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:12527f1a5d2344e97afa8b0617e1e88641b3c49887ecb443354a2c2bc43ece44_arm64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:1821593db2c0ca2390d7b79599d725cdd1ce97a48283d7e43b87bd3bc91f3d6a_amd64", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:5a7e21a5e3541b9c0a0bb054af74ec83932cf89cabd577c3a8362e50ac4fc5e8_ppc64le", "8Base-RHACM-2.6:rhacm2/grafana-dashboard-loader-rhel8@sha256:80418945860182a602c612527776d46f785d3559f785830f7c6e82393d19cb4d_s390x", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:06fb15f2fa6bed947eb7ca0f0e8d0cf70f06e66b27aaa693c870588d27d1c177_ppc64le", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:5c6a3d48b7cb1e8232982c5eac1a2b4387c282dfd605e2a557bec96f1f933f6d_s390x", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:80485bb799315ca749c41e97c4c7c03077812f6042e58d8074664e3f43b7f089_amd64", "8Base-RHACM-2.6:rhacm2/iam-policy-controller-rhel8@sha256:a0bd2dc5b2821c1ee0bf8f898a3a164514fc24bbe0bb4a12951eb85f0fd9d0b9_arm64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:321a39f4bb988e5e9c939408d6b8bbb1e028fe77fe8677ef2c0772b518721844_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:552124adf595742d3a825333527f832a0550c0ad2c1e696f4deb7f036398ed40_arm64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:67a073c946ec93ebc804e0659cef7adeafc2374cd50078213e5fdb9ea0ab39df_amd64", "8Base-RHACM-2.6:rhacm2/insights-client-rhel8@sha256:bc072c76f3859a263c3d16910d35970be75b2e5f38372e8fdaf2d3aafbac56a0_s390x", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:185312f710adba3946767f8a9780d2b34a3d7f3f9817b34474b99cd5208bf7b6_arm64", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:6ee6966426237d620c6a6c6689c3a9f92402c1dee4705cb211b96fcf3c313206_ppc64le", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:a3282b636b15d635dd3efc864401745b7b498f1c479f53e3a433fec7911f8394_amd64", "8Base-RHACM-2.6:rhacm2/insights-metrics-rhel8@sha256:ff06b32d082d92e28c1717004064d3c7d86bfd0216397c945c15728a6ee215ef_s390x", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:504ca7e02b98a87d8ba9133af0edb696f4e678544c0525db88e07493bf453b77_ppc64le", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:7563def4a9aaa7919df519c6d8003e0a7ca809c4a5060de2452f07ba30814b23_amd64", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:797874e0775333e4a49efccafb02457047626957bdbb1433daf23760971ced06_s390x", "8Base-RHACM-2.6:rhacm2/klusterlet-addon-controller-rhel8@sha256:ca3e4476b47ec7ee11f0ff337199476e6003acc49a52628a31e658d2e2a57964_arm64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:84512ecf696a455eda78faee46c67d133233cfc83c6cb9c94bac6e48f3a9f18a_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:93e3fd0ed70942cd139f9aa69cb1b554a9f233bcd9dee4ae6677884d1761bdbd_amd64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:a00401a78d20c87e74af58c3c863b96aac34a5a64d12e5b555ed9afdebee46de_arm64", "8Base-RHACM-2.6:rhacm2/kube-rbac-proxy-rhel8@sha256:fd688c4075f922cbe83adcb086ff46a532305254b5afe9a4e47da04834a23a5a_s390x", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:0b80b5dfafea88c4622f2aab35cbbe9816be4c3f6efc0a95c9038f16a910aa84_amd64", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:58d091cc31aaaf066a26e313fa6c412e1f871693c55d4baa11637a00ee37cd4b_arm64", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:791c3a0554c9da69b7019389c5fa76db9c1520e90a0d8b308337480817f3497f_ppc64le", "8Base-RHACM-2.6:rhacm2/kube-state-metrics-rhel8@sha256:ef2946f0a6f2d46dd41ddb074dc570ab34eadd1abfc4ed0ef71ab3821c3e5b06_s390x", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:519209c863b2aac1fd7dc8ecb130f73ad122935e166066d1d6405396f00aa434_arm64", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:58775de0ea7bc5d9ca4545b0c93c0bab71d0c4e0bcc21e86bc6f6e799875ff23_s390x", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:bd540cc538e2665a17665b07f5053b5b4402319af6959c384b279d152348d26e_ppc64le", "8Base-RHACM-2.6:rhacm2/management-ingress-rhel8@sha256:f8c4d907139b78e05905be1b1a2005fcf1e1a8f86b811c8434c8d87131704806_amd64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:15b0ce69868674b0f82ae4baf3590a54e01d9ebcc9dbc793e31f923289f8a975_s390x", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:4178399ac2e7fad92f077b0c33d653aabeddba0c2a52f168e691549ad1cc9726_arm64", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:4812b505722334bcb9fda21fcbaa22154d77d045528ed014e6c98b205037aa27_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-exporter-rhel8@sha256:ff7140ddb5a1fce8c1020c779ff1d5050f019d24f739d4925857ea6d5a4dd79a_amd64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:55869d62acabc78675fb3f926d45f6630f03ff380af76665eb36f3bd1ea17092_ppc64le", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:73d392672b8d9a1a2df91e47294f688d6747ff1ae5e9b8246b5cb58ca0c7f176_arm64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:f354c65db51cbe4085d9ea8b0c8154ab50ace724373600aa2ef2da17ef32a4ab_amd64", "8Base-RHACM-2.6:rhacm2/memcached-rhel8@sha256:fd666a970e27a34561fc0ec031d86f2e7f453e3865e68289dc5b592387dcad70_s390x", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:3873c526806dd32fe77619f276daf32444897abb706557cc63aaf6ab17e89e49_arm64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:39501eeb312f7b4a13a0fc0420e4f06af944f7c81688e3a9430975e8579d4a20_amd64", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:dc64483b0208b0a1cc1fbc463364f58ac7aab2eaa259c4f4e8e78ccaf89d2998_s390x", "8Base-RHACM-2.6:rhacm2/metrics-collector-rhel8@sha256:dff76ab0cc28c3c4e7e588a421514e0c9041c50eb17071fdd9b1939015ed2ff0_ppc64le", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:2cac0b4e4c1093a726dde6fdc59cb2023dde20a7ca62f6ab7644953f4b02daa4_ppc64le", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:979e3786edd600e094a69d279701a42f6330b000957fd8ea4a12c85cbff04df2_amd64", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:bb4fda4fdce6dcf70c3aae9c8d3ab9cf0c8c37c148558b9cf66872045dc3a1dd_s390x", "8Base-RHACM-2.6:rhacm2/multicloud-integrations-rhel8@sha256:c80b686c8b6c445142f11eae2e67b9159bd86bd68f3b979276854909459ddec6_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:24ee2dbc8f1a72b95ef5f2d2ff8ee64fdbb99c34691eee2280536b5b19f2de91_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:2e8cc1abec346c56921e6962b5117d40b2d5e60474297134ea112c2111b1255c_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:9ff85e41b931a9856f0ff290f6cbfd461bc7fd3dfc36b40c656273a36c81cadd_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-observability-rhel8-operator@sha256:b329b846f30a02dc12a9af1006b32eae111fb9954dcf5ab4dd01142c73768291_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:3a2ff6f8f3df7f191fd9b4c3f11109b26d69498f40ab80107de46363abd2336f_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:c113b3f518ed735c27ec6ff124b1737fd15bb34cb387cfca2ba3215bf09f5d7f_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:ec13dbcfaa27524e0b93f744643dcb5c8f425246c3270cc6af038aa0efb8145f_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-application-rhel8@sha256:f25f468c8bf12bef03b9d38400da0b11a97360afb1b163571e32f8c66509d723_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:88327afd50a1735b903d5fb9dc8c5f12c1367dd2293bf64708002890f52741a0_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:911a0452186303c9b3f82a4d964fdfe31422f84657173a6f272f67bf80e16871_amd64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:b511716b38f4b9e4b29ff8a6878823dabc908de452707623c186f16688603fe4_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-channel-rhel8@sha256:f9f36b945a7929f50993dc1196fa8f8027228fc113d3cdc3016ff8d9b28ce17f_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:1142ea372b1546c788283767025a0e93caf4879081db2fee0e3d477a42d53b71_ppc64le", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:841da85404d50361fbf25c135ebf40cc86abb853031dd36bfa0ccd0d811d9fd4_s390x", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:b37c5a10ed9642eea4400436375483dbc526ce9e3f1207327df3ff4e9d260fd1_arm64", "8Base-RHACM-2.6:rhacm2/multicluster-operators-subscription-rhel8@sha256:e83389b09ed8acbe2785767709cefbe14e03030e7480a31b0ee088e82093e297_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:5ccf00aa7a2af38f1521e8738a0c727a564723a0f5bead3f0a57c219b79b4590_s390x", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:a11c532fe076f1ad0b430cc2e2a66a31f046d49d03057ba0ee9e22dd73655e11_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:b4ec8064135b8a0a37c4d9190e6a39429140243f9e7a97d4d82e4e0ae349aa71_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-repo-rhel8@sha256:d25bc23a7446ebc266cc759cd23cefe2909e6f7f26b346af29d5eeee59588eea_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:04bffd7c3d708ecdfb9f750dc571242ecb575760b2dc032a89d6b90d996f9298_amd64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:1113003b61001b92cd12e58b67e7f8e8ef48e7135d35cdc76cf50a27287844c3_arm64", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:5f973fe1f74245e35a674c00e60f32d23dcc0871f1546f04cc754c5393b0ec53_ppc64le", "8Base-RHACM-2.6:rhacm2/multiclusterhub-rhel8@sha256:6872989663e4716682420fbbb47e73bf259d1eea70d649bebb29b317ef36916a_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:1652bcd9320bf9e383e5e991f7abe47a3085cbfb6e15bbcc19685c6975c2a4cb_ppc64le", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:8d9f9e38e1867643b8e57443e97a5d7772a8a2adf547b5f0c5a259dc49916417_s390x", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:9bd622d81286a07c025a9dce55ca1139e4b93cae830dfe347d57ad368751e43e_amd64", "8Base-RHACM-2.6:rhacm2/node-exporter-rhel8@sha256:c7e08cb097dbed71c5177b4cccd44a228c5ec85061b02940e582c58f4b84ff79_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:3a96c1d964c7c5f39da73a2f846ad58311c0531f20789f48e229211139255200_s390x", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:40f0c0d4707cb3f6acbab593f917267af1cd7de322b382a2ddf442149c3e613c_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:642e765685e1d1ee7cd69a9d5230c2dc821ee71f7346135c992b25fdab278d03_amd64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8-operator@sha256:a05ef9733ca94354872cb346241bb754e45f72bd33af80fa5d336dac6f041dd0_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:2371688381650d6dd6a6800a2740df1d28f70c1eea8046ae2948f321c3e0e5e8_ppc64le", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:a51c789ed04a4c127c017625883041acd522831e885637071d41bfe3eebbcb34_amd64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:d3b7f453143d6702fd4b917f21c5a9297d0f7de52a1ccf39e5c1569724142d8f_arm64", "8Base-RHACM-2.6:rhacm2/observatorium-rhel8@sha256:ee861a555f0d02bf7aabc3e20704f865610c0f4f50a14a5a525b2e97d166870a_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:35d1eac6227a8a164d84926bc7229f33b6717dee1e94585216ab2b04d5d527a1_ppc64le", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:b2675cddc1075d884c8241ea3c57991cd6bd80e810f0581a0a637f39664be44d_s390x", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:d6b0e86f29dab6d89f6fa11c0784ff14cb1006760a16bee26336197f0cfae87a_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-alertmanager-rhel8@sha256:dd2b23d192fa9271eb45655959e8d001e6d3d2c6d08315a475d538ad65f1df3a_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:0e323da0373223f3d74b6f605b407a6b186ff2d2da4cf6f5110cdf915ebf921c_ppc64le", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:4780b0e407922afcff9fc07f5e6244c2b8b5c753bbb76fd0f447f272f18850f5_arm64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:7af598478e682a5e71ba687b6ff18410ef60702b4fa1d91ab27e9f639fc526e8_amd64", "8Base-RHACM-2.6:rhacm2/prometheus-rhel8@sha256:8e970b2b36adb7ab6c477c7d6f03319ea6e4f294cd3a795fe3c71bdbaffe6116_s390x", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:037f32bcb75c53c2ca3df761d42c8ac2c409c21cd52fb0f82b16a558cb465860_ppc64le", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:1b8c16923b7916824baf9b02d5b9654b36c57518051c42f909d8a3078d0dcb4f_arm64", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:2ed5806d7fa79c6a66ac58a18d7d1965a93f5014601aa47d7c17ab702074f7e7_s390x", "8Base-RHACM-2.6:rhacm2/rbac-query-proxy-rhel8@sha256:e8ff466a5a96124a426bcbbd333dbe8e24413f379a03852a3d46f2bf80ec895d_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:b7de40c100bb2398625d0c82bfacc95fa48aabbd9bf8b5f6392a4472859cbc32_amd64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:ca4cd77e3facd5539bd81fd48fe9336221e80ba291c0f833ffd83f0eaf11e07a_ppc64le", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:e855417861657cedde18cfc2f66c45b63824c37b4de0f9fc3f25f4ed67dbc36a_arm64", "8Base-RHACM-2.6:rhacm2/redisgraph-tls-rhel8@sha256:e92a956984d1cf5aa52e10385ab5bc2e311c417e1e0c2f78164acb7eebdb5736_s390x", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:a9f793576637ced1ebe38ca9ac21755f042db908728146ef329fccf93811ce45_ppc64le", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:bf33628423223c08e8814e98e2e91dbc8ed1744b834df66d8d296873be92215c_arm64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:d0661fcd6a08c6526494d24e3351ffb70957ef5b82b9ae7e3a990c9b5051d5cc_amd64", "8Base-RHACM-2.6:rhacm2/search-aggregator-rhel8@sha256:fd9b1ce2754afa36b13afcfd1f858d8349e7ce8da772581000f6d4cf022fa6a9_s390x", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:2d28b16b252edf0bd1e1ec3f820d155d1aff4a7a716f5443125fba72e6a63ac1_ppc64le", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:3ad1262ba07c5b5aa31a207b1653e19f7faacc4cb303d2b5a0763d10eb93e849_amd64", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:f1837082f8b4f9f7eae400a787caf3d5b96d350a34adfc018af912f271d63743_s390x", "8Base-RHACM-2.6:rhacm2/search-api-rhel8@sha256:f7846422fdec5bf9401a3fb87698477eaa059229570396fcd585cc46253b2079_arm64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:5a08a50c990ed4417d8f9f9841ee1de19634af2172a1f98b8fde1bb92fccefb0_ppc64le", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:63f6abf2d72b042858ad4980b027ae6f17ad6435b43e3f6c8546c74ffaf3a6f8_arm64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:9446ac9d281170357d985a104a2fa073b3a569ee09a955a16e14612d685fef5e_amd64", "8Base-RHACM-2.6:rhacm2/search-collector-rhel8@sha256:a42328709ffb7f22214f7f0b6de4974b5d995124e88607d3d3375fa78ba801e2_s390x", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:128557c1c210c5fbd1d4a4fadac47332543701fed122ba74d4d2dfd2a073af9e_arm64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:8235a36f2220a68809f0babae52f80792e6ad0e16f721f7129f11e96cf3b2bd9_amd64", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:cec39662240316282583d53b06957dd53eae71fe9ee9176619a9501d5fe52e18_ppc64le", "8Base-RHACM-2.6:rhacm2/search-rhel8@sha256:fd44c058a007d51f81da06eb05c3e40222989b51a3b42f2c5d4348e688bebd12_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:2d645d3f46e9613f9007a8e640b48249708bd583e1f8119828ff7b6f03942c09_amd64", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:48409b1f123491da843395bd3dcaa53798134243ec3c36f9236936e9f24f4b45_arm64", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:6e89d7a3e6bf3c28253dd95cf29574d8c4f4719025ce5f80834f08327d106a34_s390x", "8Base-RHACM-2.6:rhacm2/submariner-addon-rhel8@sha256:81c01dc11be9f1392d08fc73d851a7ec9eacf231996abf16c8a72d8e236cabd9_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:0d003ef4b01caf461125e4bdb33400e8bef1544caa6489f5ded4d52481401939_arm64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:3fafe8b059919821ba8ee3a84707a42dcf8b468cbaf6af648a38f0738d633895_amd64", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:443395da4ffb74c7a7da0e8d564a57b494c46229be0a2c4b5a4087f153e63245_s390x", "8Base-RHACM-2.6:rhacm2/thanos-receive-controller-rhel8@sha256:784ca9b2ee4f24802a3287a20dae0b8837b39ac253fcec1f8e0327ca2c2b8e43_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:80041d399a8f8235338af770656f5d8ddf131f8434f4869ebd95e0d3d9e50594_ppc64le", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:c00bddf4726f69dd95b582de5a2ab5901c83176ba39b9d0232d274755b222cd1_amd64", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:ec6a6a410dc9fa64060cbc030c22ce8eb2df057f2dbcf38f39a830cc03c79152_s390x", "8Base-RHACM-2.6:rhacm2/thanos-rhel8@sha256:f617a890dd4d7b2fdce173f70f0901236f488197ebde036935aab26c3f8b23ff_arm64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" } ] }
rhsa-2023_1533
Vulnerability from csaf_redhat
Published
2023-03-30 13:06
Modified
2024-12-10 17:47
Summary
Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (14.21.3).
Security Fix(es):
* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)
* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* minimist: prototype pollution (CVE-2021-44906)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)
* express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)
* nodejs: HTTP Request Smuggling due to incorrect parsing of header fields (CVE-2022-35256)
* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)
* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)
* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (14.21.3).\n\nSecurity Fix(es):\n\n* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)\n\n* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n\n* minimist: prototype pollution (CVE-2021-44906)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\n* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)\n\n* nodejs: HTTP Request Smuggling due to incorrect parsing of header fields (CVE-2022-35256)\n\n* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)\n\n* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)\n\n* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1533", "url": "https://access.redhat.com/errata/RHSA-2023:1533" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "2130518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130518" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "2142823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142823" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "2165824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824" }, { "category": "external", "summary": "2168631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631" }, { "category": "external", "summary": "2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "2171935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935" }, { "category": "external", "summary": "2172217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217" }, { "category": "external", "summary": "2175828", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175828" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1533.json" } ], "title": "Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-12-10T17:47:12+00:00", "generator": { "date": "2024-12-10T17:47:12+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2023:1533", "initial_release_date": "2023-03-30T13:06:07+00:00", "revision_history": [ { "date": "2023-03-30T13:06:07+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-30T13:06:07+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-10T17:47:12+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product": { "name": "Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.4::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs:14:8040020230306170312:522a0ee4", "product": { "name": "nodejs:14:8040020230306170312:522a0ee4", "product_id": "nodejs:14:8040020230306170312:522a0ee4", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/nodejs@14:8040020230306170312:522a0ee4" } } }, { "category": "product_version", "name": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "product": { "name": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "product_id": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "product": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "product_id": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "product": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "product": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "product_id": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=src" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_id": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.4.0%2B18317%2B43f5ac16?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, "product_reference": "nodejs:14:8040020230306170312:522a0ee4", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch" }, "product_reference": "nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src" }, "product_reference": "nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64 as a component of nodejs:14:8040020230306170312:522a0ee4 as a component of Red Hat Enterprise Linux AppStream EUS (v.8.4)", "product_id": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64", "relates_to_product_reference": "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-35065", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156324" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "glob-parent: Regular Expression Denial of Service", "title": "Vulnerability summary" }, { "category": "other", "text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35065" }, { "category": "external", "summary": "RHBZ#2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35065" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294", "url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294" } ], "release_date": "2022-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "glob-parent: Regular Expression Denial of Service" }, { "cve": "CVE-2021-44906", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2066009" } ], "notes": [ { "category": "description", "text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "minimist: prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44906" }, { "category": "external", "summary": "RHBZ#2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h" } ], "release_date": "2022-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "minimist: prototype pollution" }, { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-4904", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2168631" } ], "notes": [ { "category": "description", "text": "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "c-ares: buffer overflow in config_sortlist() due to missing string length check", "title": "Vulnerability summary" }, { "category": "other", "text": "The severity of this vulnerability is not important but moderate because exploiting the vulnerability can lead to a disruption of the availability of an application, yet doesn\u2019t compromise data integrity or confidentiality. The opportunity for disruption is further limited due to the requirement that an application allows an attacker to be able to input both untrusted and unvalidated data. Exploiting this flaw requires an application to use the library in such a way that would allow untrusted and unvalidated input to be passed directly to ares_set_sortlist by an attacker. In the event that this is able to occur, the impact to RHEL is limited to a crash of the application due to the protections offered by default in RHEL systems such as Stack Smashing Protection (SSP).", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-4904" }, { "category": "external", "summary": "RHBZ#2168631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4904", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4904" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904" }, { "category": "external", "summary": "https://github.com/c-ares/c-ares/issues/496", "url": "https://github.com/c-ares/c-ares/issues/496" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "c-ares: buffer overflow in config_sortlist() due to missing string length check" }, { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" }, { "cve": "CVE-2022-25881", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2023-01-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2165824" } ], "notes": [ { "category": "description", "text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-25881" }, { "category": "external", "summary": "RHBZ#2165824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25881" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881" } ], "release_date": "2023-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability" }, { "acknowledgments": [ { "names": [ "VVX7" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2022-35256", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2022-09-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2130518" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in NodeJS due to improper validation of HTTP requests. The llhttp parser in the HTTP module in Node.js does not correctly handle header fields that are not terminated with CLRF. This issue may result in HTTP Request Smuggling. This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: HTTP Request Smuggling due to incorrect parsing of header fields", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-35256" }, { "category": "external", "summary": "RHBZ#2130518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130518" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-35256", "url": "https://www.cve.org/CVERecord?id=CVE-2022-35256" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256", "url": "https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256" } ], "release_date": "2022-09-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: HTTP Request Smuggling due to incorrect parsing of header fields" }, { "cve": "CVE-2022-38900", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2023-02-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170644" } ], "notes": [ { "category": "description", "text": "A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "decode-uri-component: improper input validation resulting in DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "For OpenShift Container Platform (OCP), Advanced Clusters Management for Kubernetes (ACM) and Advanced Cluster Security (ACS), the NPM decode-uri-component package is only present in source repositories as a development dependency, it is not used in production. Therefore this vulnerability is rated Low for OCP and ACS.\n\nIn Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the decode-uri-component package. \nThe vulnerable code is not used, hence the impact to OpenShift Logging by this vulnerability is Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38900" }, { "category": "external", "summary": "RHBZ#2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38900", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38900" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900" }, { "category": "external", "summary": "https://github.com/SamVerschueren/decode-uri-component/issues/5", "url": "https://github.com/SamVerschueren/decode-uri-component/issues/5" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-w573-4hg7-7wgq", "url": "https://github.com/advisories/GHSA-w573-4hg7-7wgq" } ], "release_date": "2022-11-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "decode-uri-component: improper input validation resulting in DoS" }, { "cve": "CVE-2022-43548", "cwe": { "id": "CWE-350", "name": "Reliance on Reverse DNS Resolution for a Security-Critical Action" }, "discovery_date": "2022-11-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140911" } ], "notes": [ { "category": "description", "text": "A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: DNS rebinding in inspect via invalid octal IP address", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-43548" }, { "category": "external", "summary": "RHBZ#2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-43548", "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548", "url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: DNS rebinding in inspect via invalid octal IP address" }, { "cve": "CVE-2023-23918", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "discovery_date": "2023-02-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2171935" } ], "notes": [ { "category": "description", "text": "A privilege escalation vulnerability exists in Node.js \u003c19.6.1, \u003c18.14.1, \u003c16.19.1 and \u003c14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.", "title": "Vulnerability description" }, { "category": "summary", "text": "Node.js: Permissions policies can be bypassed via process.mainModule", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-23918" }, { "category": "external", "summary": "RHBZ#2171935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-23918", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23918" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918" } ], "release_date": "2023-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Node.js: Permissions policies can be bypassed via process.mainModule" }, { "cve": "CVE-2023-23920", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "discovery_date": "2023-02-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2172217" } ], "notes": [ { "category": "description", "text": "An untrusted search path vulnerability exists in Node.js. \u003c19.6.1, \u003c18.14.1, \u003c16.19.1, and \u003c14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "Node.js: insecure loading of ICU data through ICU_DATA environment variable", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-23920" }, { "category": "external", "summary": "RHBZ#2172217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-23920", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23920" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920" } ], "release_date": "2023-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-30T13:06:07+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1533" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debuginfo-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-debugsource-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-devel-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-docs-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-full-i18n-1:14.21.3-1.module+el8.4.0+18317+43f5ac16.x86_64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-nodemon-0:2.0.20-3.module+el8.4.0+18317+43f5ac16.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.aarch64", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.ppc64le", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.s390x", "AppStream-8.4.0.Z.EUS:nodejs:14:8040020230306170312:522a0ee4:npm-1:6.14.18-1.14.21.3.1.module+el8.4.0+18317+43f5ac16.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Node.js: insecure loading of ICU data through ICU_DATA environment variable" } ] }
rhsa-2023_1742
Vulnerability from csaf_redhat
Published
2023-04-12 15:04
Modified
2024-12-10 17:48
Summary
Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update
Notes
Topic
An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.
The following packages have been upgraded to a later upstream version: nodejs (14.21.3).
Security Fix(es):
* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)
* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* nodejs: Improper handling of URI Subject Alternative Names (CVE-2021-44531)
* nodejs: Certificate Verification Bypass via String Injection (CVE-2021-44532)
* nodejs: Incorrect handling of certificate subject and issuer fields (CVE-2021-44533)
* minimist: prototype pollution (CVE-2021-44906)
* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)
* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)
* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)
* express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)
* nodejs: HTTP Request Smuggling due to incorrect parsing of header fields (CVE-2022-35256)
* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)
* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)
* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)
* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. \n\nThe following packages have been upgraded to a later upstream version: nodejs (14.21.3).\n\nSecurity Fix(es):\n\n* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)\n\n* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n\n* nodejs: Improper handling of URI Subject Alternative Names (CVE-2021-44531)\n\n* nodejs: Certificate Verification Bypass via String Injection (CVE-2021-44532)\n\n* nodejs: Incorrect handling of certificate subject and issuer fields (CVE-2021-44533)\n\n* minimist: prototype pollution (CVE-2021-44906)\n\n* node-fetch: exposure of sensitive information to an unauthorized actor (CVE-2022-0235)\n\n* nodejs-minimatch: ReDoS via the braceExpand function (CVE-2022-3517)\n\n* c-ares: buffer overflow in config_sortlist() due to missing string length check (CVE-2022-4904)\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\n* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)\n\n* nodejs: HTTP Request Smuggling due to incorrect parsing of header fields (CVE-2022-35256)\n\n* nodejs: DNS rebinding in inspect via invalid octal IP address (CVE-2022-43548)\n\n* Node.js: Permissions policies can be bypassed via process.mainModule (CVE-2023-23918)\n\n* nodejs: Prototype pollution via console.table properties (CVE-2022-21824)\n\n* Node.js: insecure loading of ICU data through ICU_DATA environment variable (CVE-2023-23920)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1742", "url": "https://access.redhat.com/errata/RHSA-2023:1742" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2040839", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839" }, { "category": "external", "summary": "2040846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846" }, { "category": "external", "summary": "2040856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856" }, { "category": "external", "summary": "2040862", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862" }, { "category": "external", "summary": "2044591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591" }, { "category": "external", "summary": "2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "2130518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130518" }, { "category": "external", "summary": "2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "2142822", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142822" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "2165824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824" }, { "category": "external", "summary": "2168631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631" }, { "category": "external", "summary": "2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "2171935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935" }, { "category": "external", "summary": "2172217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217" }, { "category": "external", "summary": "2175827", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175827" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1742.json" } ], "title": "Red Hat Security Advisory: nodejs:14 security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-12-10T17:48:01+00:00", "generator": { "date": "2024-12-10T17:48:01+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2023:1742", "initial_release_date": "2023-04-12T15:04:47+00:00", "revision_history": [ { "date": "2023-04-12T15:04:47+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-04-12T15:04:47+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-10T17:48:01+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product": { "name": "Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.6::appstream" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "nodejs:14:8060020230306170237:ad008a3a", "product": { "name": "nodejs:14:8060020230306170237:ad008a3a", "product_id": "nodejs:14:8060020230306170237:ad008a3a", "product_identification_helper": { "purl": "pkg:rpmmod/redhat/nodejs@14:8060020230306170237:ad008a3a" } } }, { "category": "product_version", "name": "nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "product": { "name": "nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "product_id": "nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-docs@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "product": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "product_id": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=noarch" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_id": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "product": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "product_id": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "product": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "product_id": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-nodemon@2.0.20-3.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=src" } } }, { "category": "product_version", "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_id": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-packaging@23-3.module%2Bel8.3.0%2B6519%2B9f98ed83?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_id": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_id": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_id": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_id": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debuginfo@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_id": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-debugsource@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_id": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-devel@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_id": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/nodejs-full-i18n@14.21.3-1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64", "product": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64", "product_id": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/npm@6.14.18-1.14.21.3.1.module%2Bel8.6.0%2B18532%2Bcbe6f646?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, "product_reference": "nodejs:14:8060020230306170237:ad008a3a", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64" }, "product_reference": "nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64" }, "product_reference": "nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64" }, "product_reference": "nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64" }, "product_reference": "nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch" }, "product_reference": "nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64" }, "product_reference": "nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch" }, "product_reference": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src" }, "product_reference": "nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src" }, "product_reference": "nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" }, { "category": "default_component_of", "full_product_name": { "name": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64 as a component of nodejs:14:8060020230306170237:ad008a3a as a component of Red Hat Enterprise Linux AppStream EUS (v.8.6)", "product_id": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" }, "product_reference": "npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64", "relates_to_product_reference": "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-35065", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-12-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156324" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "glob-parent: Regular Expression Denial of Service", "title": "Vulnerability summary" }, { "category": "other", "text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35065" }, { "category": "external", "summary": "RHBZ#2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35065" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294", "url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294" } ], "release_date": "2022-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "glob-parent: Regular Expression Denial of Service" }, { "cve": "CVE-2021-44531", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040839" } ], "notes": [ { "category": "description", "text": "A flaw was found in node.js where it accepted a certificate\u0027s Subject Alternative Names (SAN) entry, as opposed to what is specified by the HTTPS protocol. This flaw allows an active person-in-the-middle to forge a certificate and impersonate a trusted host.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Improper handling of URI Subject Alternative Names", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44531" }, { "category": "external", "summary": "RHBZ#2040839", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44531", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44531" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Improper handling of URI Subject Alternative Names" }, { "cve": "CVE-2021-44532", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040846" } ], "notes": [ { "category": "description", "text": "It was found that node.js did not safely read the x509 certificate generalName format properly, resulting in data injection. A certificate could use a specially crafted extension in order to be successfully validated, permitting an attacker to impersonate a trusted host.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Certificate Verification Bypass via String Injection", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44532" }, { "category": "external", "summary": "RHBZ#2040846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44532", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44532" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44532" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Certificate Verification Bypass via String Injection" }, { "cve": "CVE-2021-44533", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2022-01-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040856" } ], "notes": [ { "category": "description", "text": "A flaw was found in node.js, where it did not properly handle multi-value Relative Distinguished Names. This flaw allows a specially crafted x509 certificate to produce a false multi-value Relative Distinguished Name and to inject arbitrary data in node.js libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Incorrect handling of certificate subject and issuer fields", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally, there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore, the Quay component is marked as \"Will not fix\" with impact LOW.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44533" }, { "category": "external", "summary": "RHBZ#2040856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44533", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44533" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44533", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44533" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: Incorrect handling of certificate subject and issuer fields" }, { "cve": "CVE-2021-44906", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-03-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2066009" } ], "notes": [ { "category": "description", "text": "An Uncontrolled Resource Consumption flaw was found in minimist. This flaw allows an attacker to trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "minimist: prototype pollution", "title": "Vulnerability summary" }, { "category": "other", "text": "The original fix for CVE-2020-7598 was incomplete as it was still possible to bypass in some cases. While this flaw (CVE-2021-44906) enables attackers to control objects that they should not have access to, actual exploitation would still require a chain of independent flaws. Even though the CVSS for CVE-2021-44906 is higher than CVE-2020-7598, they are both rated as having Moderate impact.\n\nWithin Red Hat Satellite 6 this flaw has been rated as having a security impact of Low. It is not currently planned to be addressed there, as the minimist library is only included in the -doc subpackage and is part of test fixtures that are not in the execution path used by the rabl gem.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-44906" }, { "category": "external", "summary": "RHBZ#2066009", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066009" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-44906", "url": "https://www.cve.org/CVERecord?id=CVE-2021-44906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44906" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-xvch-5gv4-984h", "url": "https://github.com/advisories/GHSA-xvch-5gv4-984h" } ], "release_date": "2022-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "minimist: prototype pollution" }, { "cve": "CVE-2022-0235", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2022-01-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2044591" } ], "notes": [ { "category": "description", "text": "A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as \"Authorization,\" \"WWW-Authenticate,\" and \"Cookie\" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor.", "title": "Vulnerability description" }, { "category": "summary", "text": "node-fetch: exposure of sensitive information to an unauthorized actor", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is out of support scope for dotnet-5.0. For more information about Dotnet product support scope, please see https://access.redhat.com/support/policy/updates/net-core", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-0235" }, { "category": "external", "summary": "RHBZ#2044591", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044591" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-0235", "url": "https://www.cve.org/CVERecord?id=CVE-2022-0235" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0235" }, { "category": "external", "summary": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/", "url": "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/" } ], "release_date": "2022-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "node-fetch: exposure of sensitive information to an unauthorized actor" }, { "cve": "CVE-2022-3517", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2022-06-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134609" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the nodejs-minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimatch: ReDoS via the braceExpand function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-3517" }, { "category": "external", "summary": "RHBZ#2134609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-3517", "url": "https://www.cve.org/CVERecord?id=CVE-2022-3517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3517" } ], "release_date": "2022-02-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs-minimatch: ReDoS via the braceExpand function" }, { "cve": "CVE-2022-4904", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2023-02-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2168631" } ], "notes": [ { "category": "description", "text": "A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "c-ares: buffer overflow in config_sortlist() due to missing string length check", "title": "Vulnerability summary" }, { "category": "other", "text": "The severity of this vulnerability is not important but moderate because exploiting the vulnerability can lead to a disruption of the availability of an application, yet doesn\u2019t compromise data integrity or confidentiality. The opportunity for disruption is further limited due to the requirement that an application allows an attacker to be able to input both untrusted and unvalidated data. Exploiting this flaw requires an application to use the library in such a way that would allow untrusted and unvalidated input to be passed directly to ares_set_sortlist by an attacker. In the event that this is able to occur, the impact to RHEL is limited to a crash of the application due to the protections offered by default in RHEL systems such as Stack Smashing Protection (SSP).", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-4904" }, { "category": "external", "summary": "RHBZ#2168631", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2168631" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-4904", "url": "https://www.cve.org/CVERecord?id=CVE-2022-4904" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-4904" }, { "category": "external", "summary": "https://github.com/c-ares/c-ares/issues/496", "url": "https://github.com/c-ares/c-ares/issues/496" } ], "release_date": "2022-12-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "c-ares: buffer overflow in config_sortlist() due to missing string length check" }, { "cve": "CVE-2022-21824", "cwe": { "id": "CWE-915", "name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes" }, "discovery_date": "2022-01-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2040862" } ], "notes": [ { "category": "description", "text": "Due to the formatting logic of the \"console.table()\" function it was not safe to allow user controlled input to be passed to the \"properties\" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be \"__proto__\". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js \u003e= 12.22.9, \u003e= 14.18.3, \u003e= 16.13.2, and \u003e= 17.3.1 use a null protoype for the object these properties are being assigned to.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: Prototype pollution via console.table properties", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Quay from version 3.4 consumes nodejs from RHEL, so security tracking is provided by the container health index on the customer portal [1]. Additionally there is no impact from this issue on Quay 3.3 and 3.2 because nodejs is only used at build time and is no longer shipped, starting with Quay 3.5 [2].\n[1] https://catalog.redhat.com/software/containers/quay/quay-rhel8/600e03aadd19c7786c43ae49?container-tabs=security\n[2] https://issues.redhat.com/browse/PROJQUAY-1409\nTherefore Quay component is marked as \"Will not fix\".", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-21824" }, { "category": "external", "summary": "RHBZ#2040862", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-21824", "url": "https://www.cve.org/CVERecord?id=CVE-2022-21824" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" } ], "release_date": "2022-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "nodejs: Prototype pollution via console.table properties" }, { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" }, { "cve": "CVE-2022-25881", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2023-01-31T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2165824" } ], "notes": [ { "category": "description", "text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-25881" }, { "category": "external", "summary": "RHBZ#2165824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25881" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881" } ], "release_date": "2023-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability" }, { "acknowledgments": [ { "names": [ "VVX7" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2022-35256", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2022-09-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2130518" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in NodeJS due to improper validation of HTTP requests. The llhttp parser in the HTTP module in Node.js does not correctly handle header fields that are not terminated with CLRF. This issue may result in HTTP Request Smuggling. This flaw allows a remote attacker to send a specially crafted HTTP request to the server and smuggle arbitrary HTTP headers.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: HTTP Request Smuggling due to incorrect parsing of header fields", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-35256" }, { "category": "external", "summary": "RHBZ#2130518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2130518" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-35256", "url": "https://www.cve.org/CVERecord?id=CVE-2022-35256" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35256" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256", "url": "https://nodejs.org/en/blog/vulnerability/september-2022-security-releases/#http-request-smuggling-due-to-incorrect-parsing-of-header-fields-medium-cve-2022-35256" } ], "release_date": "2022-09-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: HTTP Request Smuggling due to incorrect parsing of header fields" }, { "cve": "CVE-2022-38900", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2023-02-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170644" } ], "notes": [ { "category": "description", "text": "A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "decode-uri-component: improper input validation resulting in DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "For OpenShift Container Platform (OCP), Advanced Clusters Management for Kubernetes (ACM) and Advanced Cluster Security (ACS), the NPM decode-uri-component package is only present in source repositories as a development dependency, it is not used in production. Therefore this vulnerability is rated Low for OCP and ACS.\n\nIn Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the decode-uri-component package. \nThe vulnerable code is not used, hence the impact to OpenShift Logging by this vulnerability is Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38900" }, { "category": "external", "summary": "RHBZ#2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38900", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38900" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900" }, { "category": "external", "summary": "https://github.com/SamVerschueren/decode-uri-component/issues/5", "url": "https://github.com/SamVerschueren/decode-uri-component/issues/5" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-w573-4hg7-7wgq", "url": "https://github.com/advisories/GHSA-w573-4hg7-7wgq" } ], "release_date": "2022-11-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "decode-uri-component: improper input validation resulting in DoS" }, { "cve": "CVE-2022-43548", "cwe": { "id": "CWE-350", "name": "Reliance on Reverse DNS Resolution for a Security-Critical Action" }, "discovery_date": "2022-11-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140911" } ], "notes": [ { "category": "description", "text": "A flaw was found in NodeJS. The issue occurs in the Node.js rebinding protector for --inspect that still allows invalid IP addresses, specifically, the octal format. This flaw allows an attacker to perform DNS rebinding and execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs: DNS rebinding in inspect via invalid octal IP address", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-43548" }, { "category": "external", "summary": "RHBZ#2140911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-43548", "url": "https://www.cve.org/CVERecord?id=CVE-2022-43548" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43548" }, { "category": "external", "summary": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548", "url": "https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/#dns-rebinding-in-inspect-via-invalid-octal-ip-address-medium-cve-2022-43548" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "nodejs: DNS rebinding in inspect via invalid octal IP address" }, { "cve": "CVE-2023-23918", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "discovery_date": "2023-02-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2171935" } ], "notes": [ { "category": "description", "text": "A privilege escalation vulnerability exists in Node.js \u003c19.6.1, \u003c18.14.1, \u003c16.19.1 and \u003c14.21.3 that made it possible to bypass the experimental Permissions (https://nodejs.org/api/permissions.html) feature in Node.js and access non authorized modules by using process.mainModule.require(). This only affects users who had enabled the experimental permissions option with --experimental-policy.", "title": "Vulnerability description" }, { "category": "summary", "text": "Node.js: Permissions policies can be bypassed via process.mainModule", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-23918" }, { "category": "external", "summary": "RHBZ#2171935", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2171935" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-23918", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23918" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23918" } ], "release_date": "2023-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Node.js: Permissions policies can be bypassed via process.mainModule" }, { "cve": "CVE-2023-23920", "cwe": { "id": "CWE-426", "name": "Untrusted Search Path" }, "discovery_date": "2023-02-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2172217" } ], "notes": [ { "category": "description", "text": "An untrusted search path vulnerability exists in Node.js. \u003c19.6.1, \u003c18.14.1, \u003c16.19.1, and \u003c14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "Node.js: insecure loading of ICU data through ICU_DATA environment variable", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-23920" }, { "category": "external", "summary": "RHBZ#2172217", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2172217" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-23920", "url": "https://www.cve.org/CVERecord?id=CVE-2023-23920" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23920" } ], "release_date": "2023-02-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-04-12T15:04:47+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1742" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debuginfo-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-debugsource-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-devel-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-docs-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-full-i18n-1:14.21.3-1.module+el8.6.0+18532+cbe6f646.x86_64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-nodemon-0:2.0.20-3.module+el8.6.0+18532+cbe6f646.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.noarch", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:nodejs-packaging-0:23-3.module+el8.3.0+6519+9f98ed83.src", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.aarch64", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.ppc64le", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.s390x", "AppStream-8.6.0.Z.EUS:nodejs:14:8060020230306170237:ad008a3a:npm-1:6.14.18-1.14.21.3.1.module+el8.6.0+18532+cbe6f646.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Node.js: insecure loading of ICU data through ICU_DATA environment variable" } ] }
rhsa-2023_3645
Vulnerability from csaf_redhat
Published
2023-06-15 20:55
Modified
2024-12-10 17:53
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.7 security update
Notes
Topic
Red Hat OpenShift Service Mesh 2.2.7
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
This advisory covers the RPM packages for the release.
Security Fix(es):
* mongo-go-driver: specific cstrings input may not be properly validated (CVE-2021-20329)
* async: Prototype Pollution in async (CVE-2021-43138)
* express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
* terser: insecure use of regular expressions leads to ReDoS (CVE-2022-25858)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Service Mesh 2.2.7\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nThis advisory covers the RPM packages for the release.\n\nSecurity Fix(es):\n\n* mongo-go-driver: specific cstrings input may not be properly validated (CVE-2021-20329)\n* async: Prototype Pollution in async (CVE-2021-43138)\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n* terser: insecure use of regular expressions leads to ReDoS (CVE-2022-25858)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:3645", "url": "https://access.redhat.com/errata/RHSA-2023:3645" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1971033", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1971033" }, { "category": "external", "summary": "2126276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126276" }, { "category": "external", "summary": "2126277", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126277" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "OSSM-3596", "url": "https://issues.redhat.com/browse/OSSM-3596" }, { "category": "external", "summary": "OSSM-3720", "url": "https://issues.redhat.com/browse/OSSM-3720" }, { "category": "external", "summary": "OSSM-3783", "url": "https://issues.redhat.com/browse/OSSM-3783" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3645.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.7 security update", "tracking": { "current_release_date": "2024-12-10T17:53:19+00:00", "generator": { "date": "2024-12-10T17:53:19+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2023:3645", "initial_release_date": "2023-06-15T20:55:50+00:00", "revision_history": [ { "date": "2023-06-15T20:55:50+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-06-15T20:55:50+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-10T17:53:19+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHOSSM 2.2 for RHEL 8", "product": { "name": "RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2", "product_identification_helper": { "cpe": "cpe:/a:redhat:service_mesh:2.2::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Service Mesh" }, { "branches": [ { "category": "product_version", "name": "openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "product": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "product_identification_helper": { "purl": "pkg:oci/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.2.7-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "product": { "name": "openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "product_id": "openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "product_identification_helper": { "purl": "pkg:oci/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.2.7-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "product": { "name": "openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "product_id": "openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.48.6-1" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "product": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "product_identification_helper": { "purl": "pkg:oci/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.2.7-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.2.7-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "product": { "name": "openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "product_id": "openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8\u0026tag=2.2.7-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "product": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "product_identification_helper": { "purl": "pkg:oci/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.2.7-6" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64", "product": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64", "product_identification_helper": { "purl": "pkg:oci/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.2.7-4" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "product": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "product_identification_helper": { "purl": "pkg:oci/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.2.7-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "product": { "name": "openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "product_id": "openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.2.7-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "product": { "name": "openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "product_id": "openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.48.6-1" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "product": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "product_identification_helper": { "purl": "pkg:oci/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.2.7-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.2.7-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le", "product": { "name": "openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le", "product_id": "openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8\u0026tag=2.2.7-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "product": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.2.7-6" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "product": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.2.7-4" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "product": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "product_identification_helper": { "purl": "pkg:oci/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.2.7-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "product": { "name": "openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "product_id": "openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "product_identification_helper": { "purl": "pkg:oci/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.2.7-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "product": { "name": "openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "product_id": "openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.48.6-1" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "product": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "product_identification_helper": { "purl": "pkg:oci/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.2.7-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.2.7-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "product": { "name": "openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "product_id": "openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "product_identification_helper": { "purl": "pkg:oci/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/prometheus-rhel8\u0026tag=2.2.7-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "product": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "product_identification_helper": { "purl": "pkg:oci/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.2.7-6" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "product": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "product_identification_helper": { "purl": "pkg:oci/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.2.7-4" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x" }, "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le" }, "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64" }, "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x" }, "product_reference": "openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64" }, "product_reference": "openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le" }, "product_reference": "openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64" }, "product_reference": "openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x" }, "product_reference": "openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le" }, "product_reference": "openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le" }, "product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x" }, "product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64" }, "product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.2" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64 as a component of RHOSSM 2.2 for RHEL 8", "product_id": "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-20329", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-06-10T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1971033" } ], "notes": [ { "category": "description", "text": "A flaw was found in Mongo. Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshaling Go objects into BSON. This flaw allows a malicious user to use a Go object with a specific string to inject additional fields into marshaled documents.", "title": "Vulnerability description" }, { "category": "summary", "text": "mongo-go-driver: specific cstrings input may not be properly validated", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le" ], "known_not_affected": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-20329" }, { "category": "external", "summary": "RHBZ#1971033", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1971033" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-20329", "url": "https://www.cve.org/CVERecord?id=CVE-2021-20329" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20329", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20329" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-f6mq-5m25-4r72", "url": "https://github.com/advisories/GHSA-f6mq-5m25-4r72" }, { "category": "external", "summary": "https://github.com/mongodb/mongo-go-driver/releases/tag/v1.5.1", "url": "https://github.com/mongodb/mongo-go-driver/releases/tag/v1.5.1" } ], "release_date": "2021-03-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-15T20:55:50+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3645" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "mongo-go-driver: specific cstrings input may not be properly validated" }, { "cve": "CVE-2021-43138", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-09-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2126276" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the async package. This flaw allows a malicious user to obtain privileges via the mapValues() method.", "title": "Vulnerability description" }, { "category": "summary", "text": "async: Prototype Pollution in async", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le" ], "known_not_affected": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-43138" }, { "category": "external", "summary": "RHBZ#2126276", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126276" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-43138", "url": "https://www.cve.org/CVERecord?id=CVE-2021-43138" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43138", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43138" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-fwr7-v2mv-hh25", "url": "https://github.com/advisories/GHSA-fwr7-v2mv-hh25" } ], "release_date": "2022-04-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-15T20:55:50+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3645" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "async: Prototype Pollution in async" }, { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le" ], "known_not_affected": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-15T20:55:50+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3645" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" }, { "cve": "CVE-2022-25858", "discovery_date": "2022-09-13T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2126277" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the terser package. Affected versions of this package are vulnerable to Regular expression denial of service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "terser: insecure use of regular expressions leads to ReDoS", "title": "Vulnerability summary" }, { "category": "other", "text": "For OpenShift Do (odo) product terser is shipped only for using in static page generators for upstream, thus this represents no security risk.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le" ], "known_not_affected": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-25858" }, { "category": "external", "summary": "RHBZ#2126277", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126277" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25858", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25858" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25858", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25858" } ], "release_date": "2022-07-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-06-15T20:55:50+00:00", "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3645" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce1247898969a1865d5d7eb865f659131d6dc58e78aecfc31c59615dc21dd48e_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:ce4f38fd64e2e1944e037097b3af9d5b8645f7fc5856b74cba00f94a1a60471f_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/grafana-rhel8@sha256:f496643a0600a632a3ce216d67634cff9e6174aeb4d113743fd0443a40b535d9_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:3f410cd41ea91e0014d1cf8d7f3decb3bf0e3db5e9aa2612480a76f6797aa3b5_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:47720497b1bb8ee24993260359294eeeafdd888c71ccca6cb12d526e5c3a4a13_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-cni-rhel8@sha256:8abbc8a247ff6de3e5b212e6a2b0203600555e1f3f0c8599aaf19c9cdda59abb_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:a2de7f954c0878842b5e214d809382c7d0428b8d3ed22fa1516e49ec583d7790_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:bbd215d60e43f719ac81025128f30002bb11f1d29fa874f3b8b1ce61a9269628_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/istio-must-gather-rhel8@sha256:c6cda704d37ed2d233ec225578cb8021429a64d77649c26672c876569a0696b6_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:351d18f13943b57b5599dc4c2af9970a6add2fbf2cd702f64128e156e4e8a991_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:bee9a86adcd6974536fa31d054a880238a720b8bfcd7efc5d656a0ddd5111d06_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/kiali-rhel8@sha256:eebc6514999806d2726fea70bd7f4979dd71a7b2f2aa220ead6b5a838a0ffbdf_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:7b59f76549db37ee09757d79692c52abf1c01baea84fbc98ce5aabc530232f45_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:a4b7ddd16863e41a6642fc52c566d94069732afafdcbd761385be1e4e04c8521_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/pilot-rhel8@sha256:bc137efedf8eaf278f508b7f652e7db96f3dcfbb1b685e5a9359680c77b1838a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:2371e4effbf6a4846599729701de09a5613a2df29fee9858b0526470d63a5eb7_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:a2e263be450ab7c304d5b9a79d13e8f65a2b82d259034fc34b8f69cfa8029601_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/prometheus-rhel8@sha256:f5d874b252b5fa89e85db384b81096cd84fbfafc593532bb6ea0175f680115c7_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:4ffd0acfd05fa5cab68372121f34901adcef3f94d9c38beee8559f9ad8a0fd5a_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:8c3838d96559d417f8986703803843e77732d399d911097488a554b037e2e446_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/proxyv2-rhel8@sha256:99e0a7f2861823dbd94ed53294a255aab2f710cc0c932dca84ae0681494e029b_amd64", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:0f35f2a716c4a04873d6dfad61f0d8fc262f2190609cd1cc5578da48cd9d0f4d_ppc64le", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:19821b7b74ed96b78f3322c1b770053c532c27b11b66978731ab4aa257991e81_s390x", "8Base-RHOSSM-2.2:openshift-service-mesh/ratelimit-rhel8@sha256:8918686da37dad102867ad55788b2b0f7d750cf137b76a4ca51e244367de6375_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "terser: insecure use of regular expressions leads to ReDoS" } ] }
rhsa-2023_3265
Vulnerability from csaf_redhat
Published
2023-05-23 09:17
Modified
2024-12-10 17:50
Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.3 Security and Bug fix update
Notes
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.3 on Red Hat Enterprise Linux 8 from Red Hat Container Registry.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3-compatible API.
Security Fix(es):
* jsonwebtoken: Unrestricted key type could lead to legacy keys usagen (CVE-2022-23539)
* express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Previously, odf-csi-addons-operator had low memory resource limit and as a result the odf-csi-addons-operator pod was OOMKilled (out of memory). With this fix, the default memory and the CPU resource limit has been increased and odf-csi-addons-operator OOMKills are not observed. (BZ#2177184)
* Previously, non optimized database related flows on deletions caused Multicloud Object Gateway to spike in CPU usage and perform slowly on mass delete scenarios. For example, reclaiming a deleted object bucket claim (OBC). With this fix, indexes for the bucket reclaimer process are optimized, a new index is added to the database to speed up the database cleaner flows, and bucket reclaimer changes are introduced to work on batches of objects. (BZ#2186482)
* Previously, the list of regions for creating the default Multicloud Object Gateway backing store on AWS did not have the new regions that were added recently to AWS. With this fix, the new regions are included to the list of regions and it is possible to deploy default backing store on the new regions. (BZ#2187637)
* Previously, creating a storage system in OpenShift Data Foundation using an external Ceph cluster would fail if the RADOS block device (RBD) pool name contained an underscore (_) or a period(.). With this fix, the Python script (`ceph-external-cluster-details-exporter.py`) is enhanced to contain underscore (_) and period (.) so that an alias for the RBD pool names can be passed in. This alias allows the OpenShift Data Foundation to adopt an external Ceph cluster with RBD pool names containing an underscore(_) or a period(.). (BZ#2188379)
All users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.3 on Red Hat Enterprise Linux 8 from Red Hat Container Registry.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3-compatible API.\n\nSecurity Fix(es):\n\n* jsonwebtoken: Unrestricted key type could lead to legacy keys usagen (CVE-2022-23539)\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Previously, odf-csi-addons-operator had low memory resource limit and as a result the odf-csi-addons-operator pod was OOMKilled (out of memory). With this fix, the default memory and the CPU resource limit has been increased and odf-csi-addons-operator OOMKills are not observed. (BZ#2177184)\n\n* Previously, non optimized database related flows on deletions caused Multicloud Object Gateway to spike in CPU usage and perform slowly on mass delete scenarios. For example, reclaiming a deleted object bucket claim (OBC). With this fix, indexes for the bucket reclaimer process are optimized, a new index is added to the database to speed up the database cleaner flows, and bucket reclaimer changes are introduced to work on batches of objects. (BZ#2186482)\n\n* Previously, the list of regions for creating the default Multicloud Object Gateway backing store on AWS did not have the new regions that were added recently to AWS. With this fix, the new regions are included to the list of regions and it is possible to deploy default backing store on the new regions. (BZ#2187637)\n\n* Previously, creating a storage system in OpenShift Data Foundation using an external Ceph cluster would fail if the RADOS block device (RBD) pool name contained an underscore (_) or a period(.). With this fix, the Python script (`ceph-external-cluster-details-exporter.py`) is enhanced to contain underscore (_) and period (.) so that an alias for the RBD pool names can be passed in. This alias allows the OpenShift Data Foundation to adopt an external Ceph cluster with RBD pool names containing an underscore(_) or a period(.). (BZ#2188379)\n\nAll users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:3265", "url": "https://access.redhat.com/errata/RHSA-2023:3265" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "2155978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155978" }, { "category": "external", "summary": "2167304", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167304" }, { "category": "external", "summary": "2174336", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174336" }, { "category": "external", "summary": "2177184", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2177184" }, { "category": "external", "summary": "2179235", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179235" }, { "category": "external", "summary": "2180685", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180685" }, { "category": "external", "summary": "2180724", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180724" }, { "category": "external", "summary": "2183687", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2183687" }, { "category": "external", "summary": "2185190", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185190" }, { "category": "external", "summary": "2185725", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185725" }, { "category": "external", "summary": "2186443", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186443" }, { "category": "external", "summary": "2186482", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186482" }, { "category": "external", "summary": "2187765", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187765" }, { "category": "external", "summary": "2187796", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187796" }, { "category": "external", "summary": "2187799", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187799" }, { "category": "external", "summary": "2188228", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188228" }, { "category": "external", "summary": "2188327", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188327" }, { "category": "external", "summary": "2188667", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188667" }, { "category": "external", "summary": "2190005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190005" }, { "category": "external", "summary": "2190140", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190140" }, { "category": "external", "summary": "2190393", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190393" }, { "category": "external", "summary": "2192821", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192821" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3265.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.3 Security and Bug fix update", "tracking": { "current_release_date": "2024-12-10T17:50:43+00:00", "generator": { "date": "2024-12-10T17:50:43+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2023:3265", "initial_release_date": "2023-05-23T09:17:22+00:00", "revision_history": [ { "date": "2023-05-23T09:17:22+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-05-23T09:17:22+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-10T17:50:43+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHODF 4.12 for RHEL 8", "product": { "name": "RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift_data_foundation:4.12::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Data Foundation" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "product": { "name": "odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "product_id": "odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64", "product": { "name": "odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64", "product_id": "odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.12.3-4" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "product": { "name": "odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "product_id": "odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "product": { "name": "odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "product_id": "odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "product_id": "odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "product": { "name": "odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "product_id": "odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel8-operator\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "product": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "product_id": "odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel8\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "product": { "name": "odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "product_id": "odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "product": { "name": "odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "product_id": "odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "product": { "name": "odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "product_id": "odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "product": { "name": "odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "product_id": "odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "product": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "product": { "name": "odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "product_id": "odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel8\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "product": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "product": { "name": "odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "product_id": "odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "product": { "name": "odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "product_id": "odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "product_identification_helper": { "purl": "pkg:oci/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "product_id": "odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "product_id": "odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "product": { "name": "odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "product_id": "odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "product_identification_helper": { "purl": "pkg:oci/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "product": { "name": "odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "product_id": "odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.12.3-7" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "product": { "name": "odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "product_id": "odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "product": { "name": "odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "product_id": "odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.12.3-4" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "product": { "name": "odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "product_id": "odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "product": { "name": "odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "product_id": "odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "product_id": "odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "product": { "name": "odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "product_id": "odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel8-operator\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "product": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "product_id": "odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel8\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "product": { "name": "odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "product_id": "odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "product": { "name": "odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "product_id": "odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "product": { "name": "odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "product_id": "odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "product": { "name": "odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "product_id": "odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "product": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "product": { "name": "odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "product_id": "odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel8\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "product": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "product": { "name": "odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "product_id": "odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "product": { "name": "odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "product_id": "odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "product_id": "odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "product_id": "odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "product": { "name": "odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "product_id": "odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "product_identification_helper": { "purl": "pkg:oci/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "product": { "name": "odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "product_id": "odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.12.3-7" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "product": { "name": "odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "product_id": "odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "product_identification_helper": { "purl": "pkg:oci/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel8\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "product": { "name": "odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "product_id": "odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel8\u0026tag=v4.12.3-4" } } }, { "category": "product_version", "name": "odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "product": { "name": "odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "product_id": "odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "product": { "name": "odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "product_id": "odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "product_identification_helper": { "purl": "pkg:oci/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "product": { "name": "odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "product_id": "odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "product": { "name": "odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "product_id": "odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel8-operator\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "product": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "product_id": "odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel8\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "product": { "name": "odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "product_id": "odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-must-gather-rhel8\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "product": { "name": "odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "product_id": "odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "product": { "name": "odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "product_id": "odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "product_identification_helper": { "purl": "pkg:oci/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel8-operator\u0026tag=v4.12.3-5" } } }, { "category": "product_version", "name": "odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "product": { "name": "odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "product_id": "odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel8\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "product": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "product_id": "odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "product": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "product_id": "odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "product": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "product_id": "odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel8\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "product": { "name": "odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "product_id": "odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel8\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "product": { "name": "odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "product_id": "odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "product": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "product_id": "odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "product": { "name": "odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "product_id": "odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "product": { "name": "odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "product_id": "odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "product_identification_helper": { "purl": "pkg:oci/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel8-operator\u0026tag=v4.12.3-3" } } }, { "category": "product_version", "name": "odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "product": { "name": "odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "product_id": "odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "product": { "name": "odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "product_id": "odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.12.3-17" } } }, { "category": "product_version", "name": "odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "product": { "name": "odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "product_id": "odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "product_identification_helper": { "purl": "pkg:oci/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel8-operator\u0026tag=v4.12.3-2" } } }, { "category": "product_version", "name": "odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x", "product": { "name": "odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x", "product_id": "odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x", "product_identification_helper": { "purl": "pkg:oci/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel8-operator\u0026tag=v4.12.3-7" } } } ], "category": "architecture", "name": "s390x" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le" }, "product_reference": "odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x" }, "product_reference": "odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64" }, "product_reference": "odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le" }, "product_reference": "odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x" }, "product_reference": "odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64" }, "product_reference": "odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64" }, "product_reference": "odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x" }, "product_reference": "odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le" }, "product_reference": "odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le" }, "product_reference": "odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x" }, "product_reference": "odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64" }, "product_reference": "odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64" }, "product_reference": "odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64" }, "product_reference": "odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le" }, "product_reference": "odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x" }, "product_reference": "odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64" }, "product_reference": "odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le" }, "product_reference": "odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x" }, "product_reference": "odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x" }, "product_reference": "odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le" }, "product_reference": "odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64" }, "product_reference": "odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x" }, "product_reference": "odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64" }, "product_reference": "odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le" }, "product_reference": "odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64" }, "product_reference": "odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x" }, "product_reference": "odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le" }, "product_reference": "odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le" }, "product_reference": "odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64" }, "product_reference": "odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x" }, "product_reference": "odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x" }, "product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le" }, "product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64" }, "product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x" }, "product_reference": "odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64" }, "product_reference": "odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x" }, "product_reference": "odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le" }, "product_reference": "odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64" }, "product_reference": "odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64" }, "product_reference": "odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le" }, "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x" }, "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64" }, "product_reference": "odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le" }, "product_reference": "odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x" }, "product_reference": "odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64" }, "product_reference": "odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x" }, "product_reference": "odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64" }, "product_reference": "odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le" }, "product_reference": "odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64" }, "product_reference": "odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x" }, "product_reference": "odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64" }, "product_reference": "odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le" }, "product_reference": "odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x" }, "product_reference": "odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le" }, "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64 as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64" }, "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "relates_to_product_reference": "8Base-RHODF-4.12" }, { "category": "default_component_of", "full_product_name": { "name": "odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x as a component of RHODF 4.12 for RHEL 8", "product_id": "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x" }, "product_reference": "odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x", "relates_to_product_reference": "8Base-RHODF-4.12" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-23539", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2022-12-23T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2155978" } ], "notes": [ { "category": "description", "text": "A flaw was found in the jsonwebtoken package. The affected versions of the `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm.", "title": "Vulnerability description" }, { "category": "summary", "text": "jsonwebtoken: Unrestricted key type could lead to legacy keys usagen", "title": "Vulnerability summary" }, { "category": "other", "text": "The jsonwebtoken package is a transitive dependency and is not used directly in any of the Red Hat products. Hence, the impact is set to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64" ], "known_not_affected": [ "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-23539" }, { "category": "external", "summary": "RHBZ#2155978", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155978" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23539", "url": "https://www.cve.org/CVERecord?id=CVE-2022-23539" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23539", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23539" }, { "category": "external", "summary": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33", "url": "https://github.com/auth0/node-jsonwebtoken/security/advisories/GHSA-8cf7-32gw-wr33" } ], "release_date": "2022-12-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-05-23T09:17:22+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3265" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jsonwebtoken: Unrestricted key type could lead to legacy keys usagen" }, { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64" ], "known_not_affected": [ "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-05-23T09:17:22+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:3265" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:55c1cdf2a7c32c5e32eb2ff3372bbb3b46e3b2da39cca535db32a7aefbbb73a6_ppc64le", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:659ceb51c00824013f07d159bd689433ce41068f010b006047b750f75f134cb2_s390x", "8Base-RHODF-4.12:odf4/cephcsi-rhel8@sha256:db90c6bf02b4e7b40538ed52ee4e3d27733c24bf434610277b26b2ee5ae32f53_amd64", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:22cd2909e1b21b9ab56dc491fefb309a8a9088d85c928901b293267bb4efa6c7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:5e7b40a8f03ee5a607eb911b2fe731c9fe65bfa8a54067c0987d94f02ff8bef9_s390x", "8Base-RHODF-4.12:odf4/mcg-core-rhel8@sha256:e0c221ae29034b17db88998d4703a1d515778d17a8ce40737fa711fad2726c5c_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:0d03a74a889701f101ec0b3d454a8ad133a58a020b05e84addbd0c0393c62b45_amd64", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:b20a7b4b7e31cbb0edac695572c6ea28075e260a8c68b6135a9dd25af2dc3460_s390x", "8Base-RHODF-4.12:odf4/mcg-operator-bundle@sha256:bf058dd17e1f5b3c5b2ac4ea900eaf5fdd383564430aa6d0eaf0a7ae43f4feb7_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:2a393d0fe0de3da3358b578b123283f21b2433c6d50f1c512a48732409d11fce_ppc64le", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:7c84f6197194047448c2d39d7d880555baf521d9c462e23b5342652eebcee3ec_s390x", "8Base-RHODF-4.12:odf4/mcg-rhel8-operator@sha256:cd09a1ccd0b8795385d965ccf2910c231ee5f08c7d62ef4725a59b553192595a_amd64", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:0d4efd40efb2fbac2fd4b31e08ec36ddc2a5c7a558f83a1a1b41ab27be8c71c6_s390x", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:25252d3fabe165984b424b74437c428dc4f635aba06e245b3a1cc5e309bdf9df_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-operator-bundle@sha256:572921e5851d187787f22b25f349dee75d0383e959440372a159acc8dd7c17a1_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:0f05a9eb9f6528447456ffab6f86a354990745c7d994095b4c9fa8a9748159ea_amd64", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:7d55b8c8f830ef6e54078ad66c79b69e356d2e4cd391f60db6be473033f299a5_ppc64le", "8Base-RHODF-4.12:odf4/ocs-client-rhel8-operator@sha256:ed6b5f49ec14f96b5be3b1e858648a613278713ca3e413b4172e6f57c5922d2f_s390x", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:39c37b2a5cb55ca71c823b74f0b4c75ac61ef88d7f22c7abadc9b1ef5d077b20_amd64", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:6d4dbcdd641b71ef7e6c6269a8a706fddaa2d137ca5e2d07c29766e620de205f_ppc64le", "8Base-RHODF-4.12:odf4/ocs-metrics-exporter-rhel8@sha256:7c4ab2dca6e1ebc5b89014e4ec253e19473d6ae44f0d150dd8e7d22458056300_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:68992b4619ea57b8ab612278c1a02782b855b57bd436ae2c2395b6c55211d816_s390x", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:89a3457444d77fcc15546138ad259e2ccb29bfd7007dcb3dc3639c5a47c799c3_ppc64le", "8Base-RHODF-4.12:odf4/ocs-must-gather-rhel8@sha256:fa7d06a3c4204ee865eb284393faefacdd2113fa5bdb7412c3b7b6473852832b_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:5a7bc8abfd378a1314ebea571ba0483abaca80867fe7fdc1d0cb99772981a503_s390x", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:ace10d33f03530bad02e5f5aade65ebdb78e42e664a62595e510d4edabd64f60_amd64", "8Base-RHODF-4.12:odf4/ocs-operator-bundle@sha256:d4bec711f42d23753357d1e73be1e35d6781424d22b295371d9622dccc0b33aa_ppc64le", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:b9d941ef97de91ce2c67405c956f308ac39a966f88901cb7299c7d32f15fc1f6_amd64", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:c5bb36336e3280dbc6fe2f969c73f40f31fbdfecf89e55b0bb8d2b83fa579644_s390x", "8Base-RHODF-4.12:odf4/ocs-rhel8-operator@sha256:e5ca033f2b87a40dc028df91b14c5fd92342f6599ff07b08b0c5a7f06b9e3257_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:6f1fc5945bafbf023825d576e2994f484eff88c7c34fcbd8a2234a7b144b42c1_ppc64le", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:7918fcabebe3d881e2a6bbcb424ac6b99bd96f13775eb3f9c455b7890c728873_amd64", "8Base-RHODF-4.12:odf4/odf-console-rhel8@sha256:b3d6539df6ca21e8bfb772991cf1c0103ad20388159996e83f6f400a64d93a89_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:5c7ff483da2eb34694a59d2826d0e18309aff8f254650008ecfb5c03629d9442_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:b1fad19bb8ed92f5340ba5cfaa2c6f435831712d384e0c222bb997cbb811c4be_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-operator-bundle@sha256:c58240dff0db8328d56d36fd2bcdcdfdb43ebaebbe445628150e6e6079439ae6_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:3245c50b363c3cadf2758934e273ffe8fcac489a303d2c39afea79abac1b52fb_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:40c893b1ee61cb6f174da357578299bf21e26fd1dca73fc4d0664da564df84f1_amd64", "8Base-RHODF-4.12:odf4/odf-csi-addons-rhel8-operator@sha256:f6a9c322c4dff132bbf01d1fc088a5988b5174ca953054c7d722bbd837b7d23b_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:06b915bf990e0a8b3679ad5fab4a98c155b02a88110d47429fc26c4b7fc54ca0_ppc64le", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:8f812808ce2767198968eb49004d1d0a6b70cb5ad19f306e78c84c1aa7b3775c_s390x", "8Base-RHODF-4.12:odf4/odf-csi-addons-sidecar-rhel8@sha256:ceaafe96af89589eb486ba74733e34ee3e202c346aad2773ed70d707ad7e2d42_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:390481a9f0f0769056df89f5ce3cb2fbbeadf0e2f8d44469f68a9291e2d9fa48_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:9eafc473d37d35fe5a84b36b8d3bf9876f529efd8b37ef4ff738cecb8b0f5389_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-console-rhel8@sha256:c6984aabd7dae84be1a3b114ca36d4cdc655b271000540709ce978ad4e3e7159_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:2afd8dc3f15a7eadad49f3c18d00ef9136dbf59f26e5b8345b16f92233dbd352_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:4e36ce74a62b99f65ff1ce1a6b228ea34b5f6a18a5aad490ac2316ae141f4f2a_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-operator-bundle@sha256:b4aaf641c7117bea99bcf3bb2f58409935b22e72039105c5aa3f086f04775f7b_amd64", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:2d18752f56076d91b6fcbdad4e934cada87ba270532c522e7da2239f5b6f6d7d_ppc64le", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:ce78718d4271a615f37066af652439409f7e7dcf2c5734185a3961c8e83ac4b4_s390x", "8Base-RHODF-4.12:odf4/odf-multicluster-rhel8-operator@sha256:d3e3b0788e28b8c82b770b2db622f2d9dfa83ac2b3f7a4e37742565089dc8fd8_amd64", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:75bab2b59593c31c4ae170b02f45ab193f8b5fb37eae53998bd2069662fc0efc_ppc64le", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:a912aa614bfd273fb6e6da47c32d00ca5aa4a45af3edfeb5f9f870ba4797a5ec_s390x", "8Base-RHODF-4.12:odf4/odf-operator-bundle@sha256:f6182960abfce0ccb509a25ab8fb8780a8e2d73852d589e8295c16d992bb2ff6_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:1e3deb6461dae99c94b20f70e4c155551e8579287c1696f752a89c8098953f8d_s390x", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:cd5ed37c3bd5ad385a3a88dc290456dbde3ba6af2501750a3d1ce25d40e82401_amd64", "8Base-RHODF-4.12:odf4/odf-rhel8-operator@sha256:f53714b582b603bc851349cc4804f27235940fd577ed5b86ccad836a31ddc3fb_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:78a8b463c8d4161b556c821210eae69243fc73ceb90db49f4ca055a38acde6e0_s390x", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:7c89ebe7245e3514f6e63d1eca3247b0922e88d232b41c43245d2594e29b27d7_ppc64le", "8Base-RHODF-4.12:odf4/odr-cluster-operator-bundle@sha256:8e0d79006984c3501ea066054cca610b92c109183ae13969c0e81ee03acedc84_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:2d884bb224a503deb344ac6a4895d6a6d0fe5ab364651eecf923204507c9c92b_ppc64le", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:666c7cec9f2fd6d91b1839fd85576d84d0856a03b27e341e12f9c28ad301f594_amd64", "8Base-RHODF-4.12:odf4/odr-hub-operator-bundle@sha256:c143b2cb9690b850b28d2f5c5394d5e4abefd5404fb41a17c5106058ff241286_s390x", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:79b66652c0aea87822f578c55963ca948b2e1697caad5ea460e6555a78136039_amd64", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:aa26f97020ed13ab7092b7a0aa05458a8775e4b4e936e4b9df9a96297df1f5b8_ppc64le", "8Base-RHODF-4.12:odf4/odr-rhel8-operator@sha256:eafa31da6f87efcf476ab63d3b11ed8c7a42e67ef42a2494e70a5fe085e40438_s390x", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:198645ebf6a69810821c2d7644347b8abf918d89bbc2fcfc880ec28e924598f2_ppc64le", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:460433c554ff60bbac0b3dd267c6a0ab65c4837df3b2e5052e86f6e9145833ee_amd64", "8Base-RHODF-4.12:odf4/rook-ceph-rhel8-operator@sha256:72c63ded186464f185d399145e25ed21ea1a07c52ab842eebdaff224cc2e7998_s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" } ] }
rhsa-2023_1428
Vulnerability from csaf_redhat
Published
2023-03-23 02:16
Modified
2024-12-10 17:46
Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.8 security and bug fix update
Notes
Topic
The Migration Toolkit for Containers (MTC) 1.7.8 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es):
* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)
* gin: Unsanitized input in the default logger in github.com/gin-gonic/gin (CVE-2020-36567)
* express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)
* ua-parser-js: ReDoS vulnerability via the trim() function (CVE-2022-25927)
* loader-utils: Regular expression denial of service (CVE-2022-37603)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
* jszip: directory traversal via a crafted ZIP archive (CVE-2022-48285)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* The velero image cannot be overridden in the operator (BZ#2143389)
* Adding a MigCluster from UI fails when the domain name has characters more than 6 (BZ#2152149)
* UI fails to render the 'migrations' page: "Cannot read properties of undefined (reading 'name')" (BZ#2163485)
* Creating DPA resource fails on OCP 4.6 clusters (BZ#2173742)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "The Migration Toolkit for Containers (MTC) 1.7.8 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es):\n\n* decode-uri-component: improper input validation resulting in DoS (CVE-2022-38900)\n\n* gin: Unsanitized input in the default logger in github.com/gin-gonic/gin (CVE-2020-36567)\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\n* http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability (CVE-2022-25881)\n\n* ua-parser-js: ReDoS vulnerability via the trim() function (CVE-2022-25927)\n\n* loader-utils: Regular expression denial of service (CVE-2022-37603)\n\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n\n* jszip: directory traversal via a crafted ZIP archive (CVE-2022-48285)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* The velero image cannot be overridden in the operator (BZ#2143389)\n\n* Adding a MigCluster from UI fails when the domain name has characters more than 6 (BZ#2152149)\n\n* UI fails to render the \u0027migrations\u0027 page: \"Cannot read properties of undefined (reading \u0027name\u0027)\" (BZ#2163485)\n\n* Creating DPA resource fails on OCP 4.6 clusters (BZ#2173742)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:1428", "url": "https://access.redhat.com/errata/RHSA-2023:1428" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2140597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597" }, { "category": "external", "summary": "2143389", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143389" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "2152149", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2152149" }, { "category": "external", "summary": "2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "2156683", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156683" }, { "category": "external", "summary": "2163485", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2163485" }, { "category": "external", "summary": "2165020", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165020" }, { "category": "external", "summary": "2165797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165797" }, { "category": "external", "summary": "2165824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824" }, { "category": "external", "summary": "2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "2173742", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173742" }, { "category": "external", "summary": "MIG-1298", "url": "https://issues.redhat.com/browse/MIG-1298" }, { "category": "external", "summary": "MIG-1315", "url": "https://issues.redhat.com/browse/MIG-1315" }, { "category": "external", "summary": "MIG-1318", "url": "https://issues.redhat.com/browse/MIG-1318" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1428.json" } ], "title": "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.8 security and bug fix update", "tracking": { "current_release_date": "2024-12-10T17:46:31+00:00", "generator": { "date": "2024-12-10T17:46:31+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2023:1428", "initial_release_date": "2023-03-23T02:16:09+00:00", "revision_history": [ { "date": "2023-03-23T02:16:09+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-03-23T02:16:09+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-10T17:46:31+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "8Base-RHMTC-1.7", "product": { "name": "8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhmt:1.7::el8" } } } ], "category": "product_family", "name": "Red Hat Migration Toolkit" }, { "branches": [ { "category": "product_version", "name": "rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "product": { "name": "rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "product_id": "rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8\u0026tag=v1.7.8-6" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "product": { "name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "product_id": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-hook-runner-rhel8\u0026tag=v1.7.8-3" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "product": { "name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "product_id": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-legacy-rhel8-operator\u0026tag=v1.7.8-10" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "product": { "name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "product_id": "rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8\u0026tag=v1.7.8-3" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "product": { "name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "product_id": "rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8\u0026tag=v1.7.8-3" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "product": { "name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "product_id": "rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-openvpn-rhel8\u0026tag=v1.7.8-3" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "product": { "name": "rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "product_id": "rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator\u0026tag=v1.7.8-10" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "product": { "name": "rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "product_id": "rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle\u0026tag=v1.7.8-10" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "product": { "name": "rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "product_id": "rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8\u0026tag=v1.7.8-3" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "product": { "name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "product_id": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8\u0026tag=v1.7.8-3" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64", "product": { "name": "rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64", "product_id": "rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8\u0026tag=v1.7.8-5" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "product": { "name": "rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "product_id": "rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-rhel8\u0026tag=v1.7.8-4" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "product": { "name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "product_id": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-aws-rhel8\u0026tag=v1.7.8-3" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "product": { "name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "product_id": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8\u0026tag=v1.7.8-3" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "product": { "name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "product_id": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8\u0026tag=v1.7.8-3" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "product": { "name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "product_id": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-restic-restore-helper-rhel8\u0026tag=v1.7.8-4" } } }, { "category": "product_version", "name": "rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64", "product": { "name": "rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64", "product_id": "rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-velero-plugin-rhel8\u0026tag=v1.7.8-3" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64" }, "product_reference": "rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64" }, "product_reference": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64" }, "product_reference": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64" }, "product_reference": "rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64" }, "product_reference": "rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64" }, "product_reference": "rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64" }, "product_reference": "rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64" }, "product_reference": "rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64" }, "product_reference": "rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64" }, "product_reference": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" }, "product_reference": "rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64" }, "product_reference": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64" }, "product_reference": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64" }, "product_reference": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64" }, "product_reference": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64" }, "product_reference": "rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64 as a component of 8Base-RHMTC-1.7", "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" }, "product_reference": "rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64", "relates_to_product_reference": "8Base-RHMTC-1.7" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-36567", "cwe": { "id": "CWE-117", "name": "Improper Output Neutralization for Logs" }, "discovery_date": "2022-12-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156683" } ], "notes": [ { "category": "description", "text": "A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path.", "title": "Vulnerability description" }, { "category": "summary", "text": "gin: Unsanitized input in the default logger in github.com/gin-gonic/gin", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64" ], "known_not_affected": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-36567" }, { "category": "external", "summary": "RHBZ#2156683", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156683" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-36567", "url": "https://www.cve.org/CVERecord?id=CVE-2020-36567" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36567", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36567" }, { "category": "external", "summary": "https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d", "url": "https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d" }, { "category": "external", "summary": "https://github.com/gin-gonic/gin/pull/2237", "url": "https://github.com/gin-gonic/gin/pull/2237" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2020-0001", "url": "https://pkg.go.dev/vuln/GO-2020-0001" } ], "release_date": "2022-12-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T02:16:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1428" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "gin: Unsanitized input in the default logger in github.com/gin-gonic/gin" }, { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" ], "known_not_affected": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T02:16:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1428" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" }, { "cve": "CVE-2022-25881", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2023-01-31T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2165824" } ], "notes": [ { "category": "description", "text": "A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.", "title": "Vulnerability description" }, { "category": "summary", "text": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" ], "known_not_affected": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-25881" }, { "category": "external", "summary": "RHBZ#2165824", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165824" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25881", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25881" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25881" } ], "release_date": "2023-01-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T02:16:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1428" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability" }, { "cve": "CVE-2022-25927", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2023-01-27T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2165020" } ], "notes": [ { "category": "description", "text": "A flaw was found in ua-parser-js. This issue could allow a malicious user to trigger a regular expression denial of service (ReDoS) via the trim() function.", "title": "Vulnerability description" }, { "category": "summary", "text": "ua-parser-js: ReDoS vulnerability via the trim() function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" ], "known_not_affected": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-25927" }, { "category": "external", "summary": "RHBZ#2165020", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165020" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-25927", "url": "https://www.cve.org/CVERecord?id=CVE-2022-25927" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25927", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25927" } ], "release_date": "2023-01-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T02:16:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1428" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ua-parser-js: ReDoS vulnerability via the trim() function" }, { "cve": "CVE-2022-37603", "cwe": { "id": "CWE-185", "name": "Incorrect Regular Expression" }, "discovery_date": "2022-11-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140597" } ], "notes": [ { "category": "description", "text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.", "title": "Vulnerability description" }, { "category": "summary", "text": "loader-utils: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" ], "known_not_affected": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-37603" }, { "category": "external", "summary": "RHBZ#2140597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603", "url": "https://www.cve.org/CVERecord?id=CVE-2022-37603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603" } ], "release_date": "2022-10-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T02:16:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1428" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "loader-utils: Regular expression denial of service" }, { "cve": "CVE-2022-38900", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2023-02-16T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2170644" } ], "notes": [ { "category": "description", "text": "A flaw was found in decode-uri-component. This issue occurs due to a specially crafted input, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "decode-uri-component: improper input validation resulting in DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "For OpenShift Container Platform (OCP), Advanced Clusters Management for Kubernetes (ACM) and Advanced Cluster Security (ACS), the NPM decode-uri-component package is only present in source repositories as a development dependency, it is not used in production. Therefore this vulnerability is rated Low for OCP and ACS.\n\nIn Red Hat OpenShift Logging the openshift-logging/kibana6-rhel8 container bundles many nodejs packages as a build time dependencies, including the decode-uri-component package. \nThe vulnerable code is not used, hence the impact to OpenShift Logging by this vulnerability is Low.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" ], "known_not_affected": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-38900" }, { "category": "external", "summary": "RHBZ#2170644", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2170644" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-38900", "url": "https://www.cve.org/CVERecord?id=CVE-2022-38900" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-38900" }, { "category": "external", "summary": "https://github.com/SamVerschueren/decode-uri-component/issues/5", "url": "https://github.com/SamVerschueren/decode-uri-component/issues/5" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-w573-4hg7-7wgq", "url": "https://github.com/advisories/GHSA-w573-4hg7-7wgq" } ], "release_date": "2022-11-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T02:16:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1428" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "decode-uri-component: improper input validation resulting in DoS" }, { "cve": "CVE-2022-46175", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156263" } ], "notes": [ { "category": "description", "text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.", "title": "Vulnerability description" }, { "category": "summary", "text": "json5: Prototype Pollution in JSON5 via Parse Method", "title": "Vulnerability summary" }, { "category": "other", "text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" ], "known_not_affected": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46175" }, { "category": "external", "summary": "RHBZ#2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46175" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175" }, { "category": "external", "summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h", "url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h" } ], "release_date": "2022-12-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T02:16:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1428" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "json5: Prototype Pollution in JSON5 via Parse Method" }, { "cve": "CVE-2022-48285", "cwe": { "id": "CWE-23", "name": "Relative Path Traversal" }, "discovery_date": "2023-01-31T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2165797" } ], "notes": [ { "category": "description", "text": "A flaw was found in the JSZip package. Affected versions of JSZip could allow a remote attacker to traverse directories on the system caused by the failure to sanitize filenames when files are loaded with `loadAsync`, which makes the library vulnerable to a Zip Slip attack. By extracting files from a specially crafted archive, an attacker could gain access to parts of the file system outside of the target folder, overwrite the executable files, and execute arbitrary commands on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "jszip: directory traversal via a crafted ZIP archive", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" ], "known_not_affected": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-48285" }, { "category": "external", "summary": "RHBZ#2165797", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165797" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-48285", "url": "https://www.cve.org/CVERecord?id=CVE-2022-48285" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-48285", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48285" }, { "category": "external", "summary": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244499", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244499" }, { "category": "external", "summary": "https://github.com/Stuk/jszip/commit/2edab366119c9ee948357c02f1206c28566cdf15", "url": "https://github.com/Stuk/jszip/commit/2edab366119c9ee948357c02f1206c28566cdf15" }, { "category": "external", "summary": "https://github.com/Stuk/jszip/compare/v3.7.1...v3.8.0", "url": "https://github.com/Stuk/jszip/compare/v3.7.1...v3.8.0" }, { "category": "external", "summary": "https://www.mend.io/vulnerability-database/WS-2023-0004", "url": "https://www.mend.io/vulnerability-database/WS-2023-0004" } ], "release_date": "2023-01-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-03-23T02:16:09+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:1428" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:5bd15eedeaa345b05580d154819e813bde9feb60e99a5f5f03187c43205f7d0f_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:61f534bd9ce8b65cc9111336e4db1d57a0e7f0a614094ee25b4532324a8bfe71_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:9213e3ca5be9a82934b910c188626a45f9f1265d032251e3337083ecf41c7bde_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:85b1795ccbe0f13810605b579ebd25a8bc3a41f25a0c6b98df654eb894e559b8_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:79741d28197747559160fe140258eb3c5bf5b42351ad88b2f00642eba2180fee_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:10c90d8813b9045bde25cac6cc0cbd1de8095be3ea353c07ba77ca13ee561165_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:9e0d9d0d4acaf95c553d1c23ec62161554a24fd8b2a6d9d50bad8cb4d8da7229_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:24afdf147e24a631d8f4267d0594bf15db8a024bd1a86b49189c1d4c01acd5e5_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:fc0422805208ff6b659ff190837f4dd8ce589b6862d7abd2c5d649b47271f6f9_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:70676a347e14d1a4d2c5dc2259c73a7348401eb51c16c0dcd62b78326b2d9e1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:6da0fcb9118ff62926e16dcd0146c85ab0972cd7e304027032bf925b7bde4dd0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:8c196e46603987091fac589001c805708f9f8d243c00f828938bbcca132d52a0_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:2dca85c9f00468f63d741c2133457122ebb148c6580c055174d5e6b9daaa33e2_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:8341be8ea6d3f65544829158f007c15865165fb590e43f0928ad22bcedeed870_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:5837e38d784cf83e06b343dfbfc10f250cf399b6af810a8f584f7aadb5258a1b_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:b4102f9a94d6a539e695a446f59c9395287b53c10ccd4a2a274feec40c6e0368_amd64", "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:d6958eee44939ace90ddadc33f60a5cee1ce30ec97a65aeea4ec5788aaf08d94_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jszip: directory traversal via a crafted ZIP archive" } ] }
rhsa-2023_0934
Vulnerability from csaf_redhat
Published
2023-02-28 00:50
Modified
2024-12-10 17:44
Summary
Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update
Notes
Topic
Migration Toolkit for Applications 6.0.1 release
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
Migration Toolkit for Applications 6.0.1 Images
Security Fix(es) from Bugzilla:
* loader-utils: prototype pollution in function parseQuery in parseQuery.js (CVE-2022-37601)
* Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920)
* gin: Unsanitized input in the default logger in github.com/gin-gonic/gin (CVE-2020-36567)
* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)
* express: "qs" prototype poisoning causes the hang of the node process (CVE-2022-24999)
* loader-utils:Regular expression denial of service (CVE-2022-37603)
* golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Migration Toolkit for Applications 6.0.1 release\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Migration Toolkit for Applications 6.0.1 Images\n\nSecurity Fix(es) from Bugzilla:\n\n* loader-utils: prototype pollution in function parseQuery in parseQuery.js (CVE-2022-37601)\n\n* Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing (CVE-2022-42920)\n\n* gin: Unsanitized input in the default logger in github.com/gin-gonic/gin (CVE-2020-36567)\n\n* glob-parent: Regular Expression Denial of Service (CVE-2021-35065)\n\n* express: \"qs\" prototype poisoning causes the hang of the node process (CVE-2022-24999)\n\n* loader-utils:Regular expression denial of service (CVE-2022-37603)\n\n* golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)\n\n* json5: Prototype Pollution in JSON5 via Parse Method (CVE-2022-46175)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2023:0934", "url": "https://access.redhat.com/errata/RHSA-2023:0934" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2134876", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134876" }, { "category": "external", "summary": "2140597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597" }, { "category": "external", "summary": "2142707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707" }, { "category": "external", "summary": "2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "2156683", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156683" }, { "category": "external", "summary": "2161274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274" }, { "category": "external", "summary": "MTA-103", "url": "https://issues.redhat.com/browse/MTA-103" }, { "category": "external", "summary": "MTA-106", "url": "https://issues.redhat.com/browse/MTA-106" }, { "category": "external", "summary": "MTA-122", "url": "https://issues.redhat.com/browse/MTA-122" }, { "category": "external", "summary": "MTA-123", "url": "https://issues.redhat.com/browse/MTA-123" }, { "category": "external", "summary": "MTA-127", "url": "https://issues.redhat.com/browse/MTA-127" }, { "category": "external", "summary": "MTA-131", "url": "https://issues.redhat.com/browse/MTA-131" }, { "category": "external", "summary": "MTA-36", "url": "https://issues.redhat.com/browse/MTA-36" }, { "category": "external", "summary": "MTA-44", "url": "https://issues.redhat.com/browse/MTA-44" }, { "category": "external", "summary": "MTA-49", "url": "https://issues.redhat.com/browse/MTA-49" }, { "category": "external", "summary": "MTA-59", "url": "https://issues.redhat.com/browse/MTA-59" }, { "category": "external", "summary": "MTA-65", "url": "https://issues.redhat.com/browse/MTA-65" }, { "category": "external", "summary": "MTA-72", "url": "https://issues.redhat.com/browse/MTA-72" }, { "category": "external", "summary": "MTA-73", "url": "https://issues.redhat.com/browse/MTA-73" }, { "category": "external", "summary": "MTA-74", "url": "https://issues.redhat.com/browse/MTA-74" }, { "category": "external", "summary": "MTA-76", "url": "https://issues.redhat.com/browse/MTA-76" }, { "category": "external", "summary": "MTA-77", "url": "https://issues.redhat.com/browse/MTA-77" }, { "category": "external", "summary": "MTA-80", "url": "https://issues.redhat.com/browse/MTA-80" }, { "category": "external", "summary": "MTA-82", "url": "https://issues.redhat.com/browse/MTA-82" }, { "category": "external", "summary": "MTA-85", "url": "https://issues.redhat.com/browse/MTA-85" }, { "category": "external", "summary": "MTA-88", "url": "https://issues.redhat.com/browse/MTA-88" }, { "category": "external", "summary": "MTA-92", "url": "https://issues.redhat.com/browse/MTA-92" }, { "category": "external", "summary": "MTA-96", "url": "https://issues.redhat.com/browse/MTA-96" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0934.json" } ], "title": "Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update", "tracking": { "current_release_date": "2024-12-10T17:44:43+00:00", "generator": { "date": "2024-12-10T17:44:43+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2023:0934", "initial_release_date": "2023-02-28T00:50:28+00:00", "revision_history": [ { "date": "2023-02-28T00:50:28+00:00", "number": "1", "summary": "Initial version" }, { "date": "2023-02-28T23:46:39+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-10T17:44:43+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "MTA 6.0 for RHEL 8", "product": { "name": "MTA 6.0 for RHEL 8", "product_id": "8Base-MTA-6.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:migration_toolkit_applications:6.0::el8" } } } ], "category": "product_family", "name": "Migration Toolkit for Applications" }, { "branches": [ { "category": "product_version", "name": "mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "product": { "name": "mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "product_id": "mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "product_identification_helper": { "purl": "pkg:oci/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-admin-addon-rhel8\u0026tag=6.0.1-8" } } }, { "category": "product_version", "name": "mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "product": { "name": "mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "product_id": "mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "product_identification_helper": { "purl": "pkg:oci/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-hub-rhel8\u0026tag=6.0.1-8" } } }, { "category": "product_version", "name": "mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "product": { "name": "mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "product_id": "mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "product_identification_helper": { "purl": "pkg:oci/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-rhel8-operator\u0026tag=6.0.1-8" } } }, { "category": "product_version", "name": "mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "product": { "name": "mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "product_id": "mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "product_identification_helper": { "purl": "pkg:oci/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-pathfinder-rhel8\u0026tag=6.0.1-6" } } }, { "category": "product_version", "name": "mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64", "product": { "name": "mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64", "product_id": "mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64", "product_identification_helper": { "purl": "pkg:oci/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-ui-rhel8\u0026tag=6.0.1-10" } } }, { "category": "product_version", "name": "mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64", "product": { "name": "mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64", "product_id": "mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64", "product_identification_helper": { "purl": "pkg:oci/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108?arch=amd64\u0026repository_url=registry.redhat.io/mta/mta-windup-addon-rhel8\u0026tag=6.0.1-9" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64 as a component of MTA 6.0 for RHEL 8", "product_id": "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64" }, "product_reference": "mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "relates_to_product_reference": "8Base-MTA-6.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64 as a component of MTA 6.0 for RHEL 8", "product_id": "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64" }, "product_reference": "mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "relates_to_product_reference": "8Base-MTA-6.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64 as a component of MTA 6.0 for RHEL 8", "product_id": "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64" }, "product_reference": "mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "relates_to_product_reference": "8Base-MTA-6.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64 as a component of MTA 6.0 for RHEL 8", "product_id": "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64" }, "product_reference": "mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "relates_to_product_reference": "8Base-MTA-6.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64 as a component of MTA 6.0 for RHEL 8", "product_id": "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" }, "product_reference": "mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64", "relates_to_product_reference": "8Base-MTA-6.0" }, { "category": "default_component_of", "full_product_name": { "name": "mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64 as a component of MTA 6.0 for RHEL 8", "product_id": "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" }, "product_reference": "mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64", "relates_to_product_reference": "8Base-MTA-6.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-36567", "cwe": { "id": "CWE-117", "name": "Improper Output Neutralization for Logs" }, "discovery_date": "2022-12-28T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156683" } ], "notes": [ { "category": "description", "text": "A flaw was found in gin. This issue occurs when the default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path.", "title": "Vulnerability description" }, { "category": "summary", "text": "gin: Unsanitized input in the default logger in github.com/gin-gonic/gin", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ], "known_not_affected": [ "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-36567" }, { "category": "external", "summary": "RHBZ#2156683", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156683" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-36567", "url": "https://www.cve.org/CVERecord?id=CVE-2020-36567" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36567", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36567" }, { "category": "external", "summary": "https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d", "url": "https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d" }, { "category": "external", "summary": "https://github.com/gin-gonic/gin/pull/2237", "url": "https://github.com/gin-gonic/gin/pull/2237" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2020-0001", "url": "https://pkg.go.dev/vuln/GO-2020-0001" } ], "release_date": "2022-12-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-28T00:50:28+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0934" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "gin: Unsanitized input in the default logger in github.com/gin-gonic/gin" }, { "cve": "CVE-2021-35065", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2022-12-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156324" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the glob-parent package. Affected versions of this package are vulnerable to Regular expression Denial of Service (ReDoS) attacks, affecting system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "glob-parent: Regular Expression Denial of Service", "title": "Vulnerability summary" }, { "category": "other", "text": "The glob-parent package is a transitive dependency and this is not used directly in any of the Red Hat products. Hence, the impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ], "known_not_affected": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-35065" }, { "category": "external", "summary": "RHBZ#2156324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156324" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-35065", "url": "https://www.cve.org/CVERecord?id=CVE-2021-35065" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-35065" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294", "url": "https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294" } ], "release_date": "2022-12-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-28T00:50:28+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0934" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "glob-parent: Regular Expression Denial of Service" }, { "cve": "CVE-2022-24999", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2150323" } ], "notes": [ { "category": "description", "text": "A flaw was found in the express.js npm package of nodejs:14 module stream. Express.js Express is vulnerable to a denial of service caused by a prototype pollution flaw in qs. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, a remote attacker can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "express: \"qs\" prototype poisoning causes the hang of the node process", "title": "Vulnerability summary" }, { "category": "other", "text": "- The qs and express Package is not used by the OpenShift Container Platform console directly and is only a third-party package dependency. Hence, it is marked as wontfix. \nAs a result, any services that depend on Openshift for their use of qs and express are marked won\u0027t fix. \n- In OpenShift Service Mesh, \u0027qs\u0027 is hoisted from storybook and node-sass, both are dev dependencies, and the vulnerability is not exposed to end users. Hence marked as wontfix.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ], "known_not_affected": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-24999" }, { "category": "external", "summary": "RHBZ#2150323", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2150323" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-24999", "url": "https://www.cve.org/CVERecord?id=CVE-2022-24999" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24999" }, { "category": "external", "summary": "https://github.com/expressjs/express/releases/tag/4.17.3", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "category": "external", "summary": "https://github.com/ljharb/qs/pull/428", "url": "https://github.com/ljharb/qs/pull/428" }, { "category": "external", "summary": "https://github.com/n8tz/CVE-2022-24999", "url": "https://github.com/n8tz/CVE-2022-24999" } ], "release_date": "2022-11-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-28T00:50:28+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0934" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "express: \"qs\" prototype poisoning causes the hang of the node process" }, { "cve": "CVE-2022-37601", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-10-14T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2134876" } ], "notes": [ { "category": "description", "text": "A prototype pollution vulnerability was found in the parseQuery function in parseQuery.js in the webpack loader-utils via the name variable in parseQuery.js. This flaw can lead to a denial of service or remote code execution.", "title": "Vulnerability description" }, { "category": "summary", "text": "loader-utils: prototype pollution in function parseQuery in parseQuery.js", "title": "Vulnerability summary" }, { "category": "other", "text": "Packages shipped in Red Hat Enterprise Linux use \u0027loader-utils\u0027 as a transitive dependency. Thus, reducing the impact to Moderate.\n\nIn Red Hat containerized products like OCP and ODF, the vulnerable loader-utils NodeJS module is bundled as a transitive dependency, hence the direct impact is reduced to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ], "known_not_affected": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-37601" }, { "category": "external", "summary": "RHBZ#2134876", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134876" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-37601", "url": "https://www.cve.org/CVERecord?id=CVE-2022-37601" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37601", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37601" }, { "category": "external", "summary": "https://github.com/webpack/loader-utils/issues/212", "url": "https://github.com/webpack/loader-utils/issues/212" } ], "release_date": "2022-10-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-28T00:50:28+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0934" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "loader-utils: prototype pollution in function parseQuery in parseQuery.js" }, { "cve": "CVE-2022-37603", "cwe": { "id": "CWE-185", "name": "Incorrect Regular Expression" }, "discovery_date": "2022-11-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2140597" } ], "notes": [ { "category": "description", "text": "A flaw was found in loader-utils webpack library. When the url variable from interpolateName is set, the prototype can be polluted. This issue could lead to a regular expression Denial of Service (ReDoS), affecting the availability of the affected component.", "title": "Vulnerability description" }, { "category": "summary", "text": "loader-utils: Regular expression denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ], "known_not_affected": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-37603" }, { "category": "external", "summary": "RHBZ#2140597", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140597" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-37603", "url": "https://www.cve.org/CVERecord?id=CVE-2022-37603" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-37603" } ], "release_date": "2022-10-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-28T00:50:28+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0934" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "loader-utils: Regular expression denial of service" }, { "cve": "CVE-2022-41717", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2023-01-16T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2161274" } ], "notes": [ { "category": "description", "text": "A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests", "title": "Vulnerability summary" }, { "category": "other", "text": "Within Red Hat OpenShift Container Platform, the grafana container is listed as will not fix. Since OCP 4.10, Grafana itself is not shipped and the Grafana web server is protected behind an OAuth proxy server.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ], "known_not_affected": [ "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-41717" }, { "category": "external", "summary": "RHBZ#2161274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-41717", "url": "https://www.cve.org/CVERecord?id=CVE-2022-41717" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717" }, { "category": "external", "summary": "https://go.dev/cl/455635", "url": "https://go.dev/cl/455635" }, { "category": "external", "summary": "https://go.dev/cl/455717", "url": "https://go.dev/cl/455717" }, { "category": "external", "summary": "https://go.dev/issue/56350", "url": "https://go.dev/issue/56350" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2022-1144", "url": "https://pkg.go.dev/vuln/GO-2022-1144" } ], "release_date": "2022-11-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-28T00:50:28+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0934" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests" }, { "cve": "CVE-2022-42920", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2022-11-07T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2142707" } ], "notes": [ { "category": "description", "text": "An out-of-bounds (OOB) write flaw was found in Apache Commons BCEL API. This flaw can be used to produce arbitrary bytecode and may abuse applications that pass attacker-controlled data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected.", "title": "Vulnerability description" }, { "category": "summary", "text": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing", "title": "Vulnerability summary" }, { "category": "other", "text": "Fuse 7 ships the code in question but does not utilize it in the product, so it is affected at a reduced impact of Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ], "known_not_affected": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-42920" }, { "category": "external", "summary": "RHBZ#2142707", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-42920", "url": "https://www.cve.org/CVERecord?id=CVE-2022-42920" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920" }, { "category": "external", "summary": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4", "url": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4" } ], "release_date": "2022-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-28T00:50:28+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0934" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Apache-Commons-BCEL: arbitrary bytecode produced via out-of-bounds writing" }, { "cve": "CVE-2022-46175", "cwe": { "id": "CWE-1321", "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)" }, "discovery_date": "2022-12-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2156263" } ], "notes": [ { "category": "description", "text": "A flaw was found in the json5 package. The affected version of the json5 package could allow an attacker to set arbitrary and unexpected keys on the object returned from JSON5.parse.", "title": "Vulnerability description" }, { "category": "summary", "text": "json5: Prototype Pollution in JSON5 via Parse Method", "title": "Vulnerability summary" }, { "category": "other", "text": "The json5 package is a build-time dependency in Red Hat products and is not used in production runtime. Hence, the impact is set to Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ], "known_not_affected": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-46175" }, { "category": "external", "summary": "RHBZ#2156263", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2156263" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-46175", "url": "https://www.cve.org/CVERecord?id=CVE-2022-46175" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46175" }, { "category": "external", "summary": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h", "url": "https://github.com/json5/json5/security/advisories/GHSA-9c47-m6qq-7p4h" } ], "release_date": "2022-12-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2023-02-28T00:50:28+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2023:0934" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-MTA-6.0:mta/mta-admin-addon-rhel8@sha256:9445191232ad1ff1c2926b5a2194130502696a74620cda941675edc9c366b305_amd64", "8Base-MTA-6.0:mta/mta-hub-rhel8@sha256:ebc8706761a518bd08447a6e51a35f81e5beb3840f3b6b66f656c23c36c07e76_amd64", "8Base-MTA-6.0:mta/mta-pathfinder-rhel8@sha256:b50244562f83977574d1bd88adc1d259501c90f883596b15fa81e557844e2956_amd64", "8Base-MTA-6.0:mta/mta-rhel8-operator@sha256:7f145fc5723fd09324500de359146c2967a8b8f960dac4b862352faf2cb592c4_amd64", "8Base-MTA-6.0:mta/mta-ui-rhel8@sha256:e00e79bc7fb1bc104b1d3e0ebc6b49c7d3c7885925e3c432d60b43f10aaec1c4_amd64", "8Base-MTA-6.0:mta/mta-windup-addon-rhel8@sha256:9a912e054a7c46e07bdbfeb165f0e71ff3686bcdba9cd53d0ed6be8ff0607108_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "json5: Prototype Pollution in JSON5 via Parse Method" } ] }
gsd-2022-24999
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b&a[__proto__]&a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has "deps: qs@6.9.7" in its release description, is not vulnerable).
Aliases
Aliases
{ "GSD": { "alias": "CVE-2022-24999", "id": "GSD-2022-24999", "references": [ "https://access.redhat.com/errata/RHSA-2023:0050", "https://advisories.mageia.org/CVE-2022-24999.html", "https://access.redhat.com/errata/RHSA-2023:0612", "https://access.redhat.com/errata/RHSA-2023:0794", "https://access.redhat.com/errata/RHSA-2023:0934", "https://access.redhat.com/errata/RHSA-2023:0930", "https://access.redhat.com/errata/RHSA-2023:0932" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2022-24999" ], "details": "qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b\u0026a[__proto__]\u0026a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has \"deps: qs@6.9.7\" in its release description, is not vulnerable).", "id": "GSD-2022-24999", "modified": "2023-12-13T01:19:42.698390Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-24999", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b\u0026a[__proto__]\u0026a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has \"deps: qs@6.9.7\" in its release description, is not vulnerable)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/expressjs/express/releases/tag/4.17.3", "refsource": "CONFIRM", "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "name": "https://github.com/ljharb/qs/pull/428", "refsource": "CONFIRM", "url": "https://github.com/ljharb/qs/pull/428" }, { "name": "https://github.com/n8tz/CVE-2022-24999", "refsource": "MISC", "url": "https://github.com/n8tz/CVE-2022-24999" }, { "name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3299-1] node-qs security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html" }, { "name": "https://security.netapp.com/advisory/ntap-20230908-0005/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20230908-0005/" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "\u003c4.17.3", "affected_versions": "All versions before 4.17.3", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cwe_ids": [ "CWE-1035", "CWE-1321", "CWE-937" ], "date": "2023-02-16", "description": "qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b\u0026a[__proto__]\u0026a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has \"deps: qs@6.9.7\" in its release description, is not vulnerable).", "fixed_versions": [ "4.17.3" ], "identifier": "CVE-2022-24999", "identifiers": [ "CVE-2022-24999" ], "not_impacted": "All versions starting from 4.17.3", "package_slug": "npm/express", "pubdate": "2022-11-26", "solution": "Upgrade to version 4.17.3 or above.", "title": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "https://github.com/n8tz/CVE-2022-24999", "https://github.com/expressjs/express/releases/tag/4.17.3", "https://github.com/ljharb/qs/pull/428" ], "uuid": "3d83a0e0-db17-448c-a5f2-f3751fd07eb0" }, { "affected_range": "\u003c6.2.4||\u003e=6.3.0 \u003c6.3.3||==6.4.0 ||\u003e=6.5.0 \u003c6.5.3||==6.6.0 ||\u003e=6.7.0 \u003c6.7.3||\u003e=6.8.0 \u003c6.8.3||\u003e=6.9.0 \u003c6.9.7||\u003e=6.10.0 \u003c6.10.3", "affected_versions": "All versions before 6.2.4, all versions starting from 6.3.0 before 6.3.3, all versions starting from 6.4.0 up to 6.5.3, all versions starting from 6.6.0 up to 6.7.3, all versions starting from 6.8.0 before 6.8.3, all versions starting from 6.9.0 before 6.9.7, all versions starting from 6.10.0 before 6.10.3", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cwe_ids": [ "CWE-1035", "CWE-1321", "CWE-937" ], "date": "2023-02-16", "description": "qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b\u0026a[__proto__]\u0026a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has \"deps: qs@6.9.7\" in its release description, is not vulnerable).", "fixed_versions": [ "6.2.4", "6.3.3", "6.4.1", "6.5.3", "6.6.1", "6.7.3", "6.8.3", "6.9.7", "6.10.3" ], "identifier": "CVE-2022-24999", "identifiers": [ "CVE-2022-24999" ], "not_impacted": "All versions starting from 6.2.4 before 6.3.0, all versions starting from 6.3.3 before 6.4.0, all versions after 6.5.3 before 6.6.0, all versions after 6.7.3 before 6.8.0, all versions starting from 6.8.3 before 6.9.0, all versions starting from 6.9.7 before 6.10.0, all versions starting from 6.10.3", "package_slug": "npm/qs", "pubdate": "2022-11-26", "solution": "Upgrade to versions 6.2.4, 6.3.3, 6.8.3, 6.9.7, 6.10.3 or above.", "title": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2022-24999", "https://github.com/n8tz/CVE-2022-24999", "https://github.com/expressjs/express/releases/tag/4.17.3", "https://github.com/ljharb/qs/pull/428" ], "uuid": "6311889c-6658-48b2-8c85-58502f70827c" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:qs_project:qs:*:*:*:*:*:node.js:*:*", "cpe_name": [], "versionEndExcluding": "6.3.3", "versionStartIncluding": "6.3.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:qs_project:qs:6.4.0:*:*:*:*:node.js:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:qs_project:qs:*:*:*:*:*:node.js:*:*", "cpe_name": [], "versionEndExcluding": "6.5.3", "versionStartIncluding": "6.5.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:qs_project:qs:6.6.0:*:*:*:*:node.js:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:qs_project:qs:*:*:*:*:*:node.js:*:*", "cpe_name": [], "versionEndExcluding": "6.7.3", "versionStartIncluding": "6.7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:qs_project:qs:*:*:*:*:*:node.js:*:*", "cpe_name": [], "versionEndExcluding": "6.8.3", "versionStartIncluding": "6.8.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:qs_project:qs:*:*:*:*:*:node.js:*:*", "cpe_name": [], "versionEndExcluding": "6.9.7", "versionStartIncluding": "6.9.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:qs_project:qs:*:*:*:*:*:node.js:*:*", "cpe_name": [], "versionEndExcluding": "6.10.3", "versionStartIncluding": "6.10.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:qs_project:qs:*:*:*:*:*:node.js:*:*", "cpe_name": [], "versionEndExcluding": "6.2.4", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openjsf:express:*:*:*:*:*:node.js:*:*", "cpe_name": [], "versionEndExcluding": "4.17.3", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-24999" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b\u0026a[__proto__]\u0026a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has \"deps: qs@6.9.7\" in its release description, is not vulnerable)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-1321" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/n8tz/CVE-2022-24999", "refsource": "MISC", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/n8tz/CVE-2022-24999" }, { "name": "https://github.com/expressjs/express/releases/tag/4.17.3", "refsource": "CONFIRM", "tags": [ "Release Notes" ], "url": "https://github.com/expressjs/express/releases/tag/4.17.3" }, { "name": "https://github.com/ljharb/qs/pull/428", "refsource": "CONFIRM", "tags": [ "Issue Tracking", "Patch" ], "url": "https://github.com/ljharb/qs/pull/428" }, { "name": "[debian-lts-announce] 20230130 [SECURITY] [DLA 3299-1] node-qs security update", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00039.html" }, { "name": "https://security.netapp.com/advisory/ntap-20230908-0005/", "refsource": "CONFIRM", "tags": [], "url": "https://security.netapp.com/advisory/ntap-20230908-0005/" } ] } }, "impact": { "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2023-09-08T17:15Z", "publishedDate": "2022-11-26T22:15Z" } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.